Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-7575 (GCVE-0-2015-7575)
Vulnerability from cvelistv5 – Published: 2016-01-09 02:00 – Updated: 2024-08-06 07:51
VLAI
EPSS
Summary
Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
52 references
Date Public
2015-12-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:51:28.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3688",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3688"
},
{
"name": "DSA-3457",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3457"
},
{
"name": "DSA-3491",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3491"
},
{
"name": "openSUSE-SU-2016:0272",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html"
},
{
"name": "1036467",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036467"
},
{
"name": "GLSA-201701-46",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"name": "openSUSE-SU-2016:0279",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html"
},
{
"name": "openSUSE-SU-2016:0161",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "USN-2884-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2884-1"
},
{
"name": "79684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/79684"
},
{
"name": "DSA-3465",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3465"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1158489"
},
{
"name": "RHSA-2016:0049",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "openSUSE-SU-2016:0270",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "openSUSE-SU-2016:0308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html"
},
{
"name": "DSA-3437",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3437"
},
{
"name": "RHSA-2016:0053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html"
},
{
"name": "USN-2904-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2904-1"
},
{
"name": "openSUSE-SU-2015:2405",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20160225-0001/"
},
{
"name": "SUSE-SU-2016:0269",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html"
},
{
"name": "DSA-3436",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3436"
},
{
"name": "openSUSE-SU-2016:0263",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html"
},
{
"name": "USN-2866-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2866-1"
},
{
"name": "SUSE-SU-2016:0256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "91787",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-150.html"
},
{
"name": "RHSA-2016:0055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html"
},
{
"name": "GLSA-201801-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201801-15"
},
{
"name": "RHSA-2016:0054",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html"
},
{
"name": "openSUSE-SU-2016:0488",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html"
},
{
"name": "GLSA-201706-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201706-18"
},
{
"name": "USN-2864-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2864-1"
},
{
"name": "openSUSE-SU-2016:0162",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html"
},
{
"name": "openSUSE-SU-2016:0605",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html"
},
{
"name": "RHSA-2016:0056",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html"
},
{
"name": "openSUSE-SU-2016:0268",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html"
},
{
"name": "openSUSE-SU-2016:0307",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html"
},
{
"name": "RHSA-2016:0050",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html"
},
{
"name": "DSA-3458",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3458"
},
{
"name": "SUSE-SU-2016:0265",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html"
},
{
"name": "USN-2865-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2865-1"
},
{
"name": "1034541",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034541"
},
{
"name": "openSUSE-SU-2016:0007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html"
},
{
"name": "USN-2863-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2863-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-15T10:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-3688",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3688"
},
{
"name": "DSA-3457",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3457"
},
{
"name": "DSA-3491",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3491"
},
{
"name": "openSUSE-SU-2016:0272",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html"
},
{
"name": "1036467",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036467"
},
{
"name": "GLSA-201701-46",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"name": "openSUSE-SU-2016:0279",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html"
},
{
"name": "openSUSE-SU-2016:0161",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "USN-2884-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2884-1"
},
{
"name": "79684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/79684"
},
{
"name": "DSA-3465",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3465"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1158489"
},
{
"name": "RHSA-2016:0049",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "openSUSE-SU-2016:0270",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "openSUSE-SU-2016:0308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html"
},
{
"name": "DSA-3437",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3437"
},
{
"name": "RHSA-2016:0053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html"
},
{
"name": "USN-2904-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2904-1"
},
{
"name": "openSUSE-SU-2015:2405",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20160225-0001/"
},
{
"name": "SUSE-SU-2016:0269",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html"
},
{
"name": "DSA-3436",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3436"
},
{
"name": "openSUSE-SU-2016:0263",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html"
},
{
"name": "USN-2866-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2866-1"
},
{
"name": "SUSE-SU-2016:0256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "91787",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-150.html"
},
{
"name": "RHSA-2016:0055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html"
},
{
"name": "GLSA-201801-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201801-15"
},
{
"name": "RHSA-2016:0054",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html"
},
{
"name": "openSUSE-SU-2016:0488",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html"
},
{
"name": "GLSA-201706-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201706-18"
},
{
"name": "USN-2864-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2864-1"
},
{
"name": "openSUSE-SU-2016:0162",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html"
},
{
"name": "openSUSE-SU-2016:0605",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html"
},
{
"name": "RHSA-2016:0056",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html"
},
{
"name": "openSUSE-SU-2016:0268",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html"
},
{
"name": "openSUSE-SU-2016:0307",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html"
},
{
"name": "RHSA-2016:0050",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html"
},
{
"name": "DSA-3458",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3458"
},
{
"name": "SUSE-SU-2016:0265",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html"
},
{
"name": "USN-2865-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2865-1"
},
{
"name": "1034541",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034541"
},
{
"name": "openSUSE-SU-2016:0007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html"
},
{
"name": "USN-2863-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2863-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-7575",
"datePublished": "2016-01-09T02:00:00.000Z",
"dateReserved": "2015-09-29T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:51:28.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2015-7575",
"date": "2026-05-29",
"epss": "0.0107",
"percentile": "0.78029"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2015-7575\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2016-01-09T02:59:10.910\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.\"},{\"lang\":\"es\",\"value\":\"Mozilla Network Security Services (NSS) en versiones anteriores a 3.20.2, tal como se utiliza en Mozilla Firefox en versiones anteriores a 43.0.2 y Firefox ESR 38.x en versiones anteriores a 38.5.2, no rechaza las firmas MD5 en mensajes Server Key Exchange en el tr\u00e1fico de TLS 1.2 Handshake Protocol, lo que facilita a atacantes man-in-the-middle falsificar servidores desencadenando una colisi\u00f3n.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-19\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.20.1\",\"matchCriteriaId\":\"92954403-582A-4A55-B45C-64CADCF40909\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4863BE36-D16A-4D75-90D9-FD76DB5B48B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10BC294-9196-425F-9FB0-B1625465B47F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03117DF1-3BEC-4B8D-AD63-DBBDB2126081\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35BF0AFB-26BA-4BEA-B6B8-11CF88E951DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F007CC6-9391-4E1C-A747-F3DE5E572FA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45E9641F-430C-4B3A-BD63-EC13DBD3D1E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AADD23B-A8AF-4679-990D-C29A1D6EB5CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1343A1FD-98CF-4A6C-A697-1253E538FD5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D098567-B55E-4EAC-8FAA-31FAFDD4058F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE0389BC-D295-4957-8AE7-EDAC770F596D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E75E69A5-AC94-4F35-9EFB-1BFF8B78210D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2765E663-C9CF-476A-B7A8-6F02D0E2D72D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62B4E871-0ACB-4EC5-8392-EAD0DF25E64B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"435D6EF5-C879-4121-9D47-EF2236E53409\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F38D3B7E-8429-473F-BB31-FC3583EE5A5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E88A537F-F4D0-46B9-9E37-965233C2A355\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"43.0.1\",\"matchCriteriaId\":\"11D313EA-95EE-456C-B27B-FB4207DE9492\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0049.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0050.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0053.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0054.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0055.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0056.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3436\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3437\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3457\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3458\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3465\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3491\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3688\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mozilla.org/security/announce/2015/mfsa2015-150.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/79684\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/91787\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1034541\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id/1036467\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2863-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2864-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2865-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2866-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2884-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2904-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1430\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1158489\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201701-46\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.gentoo.org/glsa/201706-18\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.gentoo.org/glsa/201801-15\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20160225-0001/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0049.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0050.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0053.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0054.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0055.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0056.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3436\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3437\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3457\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3458\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3465\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3491\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3688\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mozilla.org/security/announce/2015/mfsa2015-150.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/79684\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/91787\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1034541\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1036467\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2863-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2864-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2865-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2866-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2884-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2904-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1430\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1158489\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201701-46\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201706-18\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201801-15\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20160225-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
SUSE-SU-2016:0428-1
Vulnerability from csaf_suse - Published: 2016-02-11 10:52 - Updated: 2016-02-11 10:52Summary
Security update for java-1_6_0-ibm
Severity
Important
Notes
Title of the patch: Security update for java-1_6_0-ibm
Description of the patch:
This update for java-1_6_0-ibm fixes the following issues by updating to 6.0-16.20 (bsc#963937)
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
- bsc#960286: resolve package conflicts in the fonts subpackage
Patchnames: SUSE-SLE-Module-Legacy-12-2016-244
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
9.1 (Critical)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
5.9 (Medium)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.3 (High)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
75 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_6_0-ibm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for java-1_6_0-ibm fixes the following issues by updating to 6.0-16.20 (bsc#963937)\n\n- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances\n- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials\n- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information\n- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions\n- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions\n- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\n- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact\n- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information\n- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service\n- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact\n- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact\n\nThe following bugs were fixed:\n\n- bsc#960402: resolve package conflicts in devel package\n- bsc#960286: resolve package conflicts in the fonts subpackage\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Module-Legacy-12-2016-244",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0428-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:0428-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160428-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:0428-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-February/001869.html"
},
{
"category": "self",
"summary": "SUSE Bug 960286",
"url": "https://bugzilla.suse.com/960286"
},
{
"category": "self",
"summary": "SUSE Bug 960402",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "self",
"summary": "SUSE Bug 963937",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5041 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7575 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7981 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8126 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8472 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8540 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0402 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0448 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0448/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0466 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0483 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0494 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0494/"
}
],
"title": "Security update for java-1_6_0-ibm",
"tracking": {
"current_release_date": "2016-02-11T10:52:08Z",
"generator": {
"date": "2016-02-11T10:52:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:0428-1",
"initial_release_date": "2016-02-11T10:52:08Z",
"revision_history": [
{
"date": "2016-02-11T10:52:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"product": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"product_id": "java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"product": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"product_id": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"product": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"product_id": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"product": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"product_id": "java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"product": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"product_id": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"product": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"product_id": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64",
"product": {
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64",
"product_id": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 12",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x"
},
"product_reference": "java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64"
},
"product_reference": "java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x"
},
"product_reference": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64"
},
"product_reference": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x"
},
"product_reference": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64"
},
"product_reference": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
},
"product_reference": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-5041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5041"
}
],
"notes": [
{
"category": "general",
"text": "The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5041",
"url": "https://www.suse.com/security/cve/CVE-2015-5041"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-5041",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-5041",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:08Z",
"details": "critical"
}
],
"title": "CVE-2015-5041"
},
{
"cve": "CVE-2015-7575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7575"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7575",
"url": "https://www.suse.com/security/cve/CVE-2015-7575"
},
{
"category": "external",
"summary": "SUSE Bug 959888 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/959888"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 960996 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960996"
},
{
"category": "external",
"summary": "SUSE Bug 961280 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961280"
},
{
"category": "external",
"summary": "SUSE Bug 961281 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961281"
},
{
"category": "external",
"summary": "SUSE Bug 961282 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961282"
},
{
"category": "external",
"summary": "SUSE Bug 961283 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961283"
},
{
"category": "external",
"summary": "SUSE Bug 961284 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961284"
},
{
"category": "external",
"summary": "SUSE Bug 961290 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961290"
},
{
"category": "external",
"summary": "SUSE Bug 961357 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961357"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 967521 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/967521"
},
{
"category": "external",
"summary": "SUSE Bug 981087 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/981087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:08Z",
"details": "moderate"
}
],
"title": "CVE-2015-7575"
},
{
"cve": "CVE-2015-7981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7981"
}
],
"notes": [
{
"category": "general",
"text": "The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7981",
"url": "https://www.suse.com/security/cve/CVE-2015-7981"
},
{
"category": "external",
"summary": "SUSE Bug 952051 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/952051"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:08Z",
"details": "moderate"
}
],
"title": "CVE-2015-7981"
},
{
"cve": "CVE-2015-8126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8126"
}
],
"notes": [
{
"category": "general",
"text": "Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8126",
"url": "https://www.suse.com/security/cve/CVE-2015-8126"
},
{
"category": "external",
"summary": "SUSE Bug 954980 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/954980"
},
{
"category": "external",
"summary": "SUSE Bug 958198 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/958198"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 969333 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/969333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:08Z",
"details": "moderate"
}
],
"title": "CVE-2015-8126"
},
{
"cve": "CVE-2015-8472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8472"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8472",
"url": "https://www.suse.com/security/cve/CVE-2015-8472"
},
{
"category": "external",
"summary": "SUSE Bug 954980 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/954980"
},
{
"category": "external",
"summary": "SUSE Bug 958198 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/958198"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:08Z",
"details": "moderate"
}
],
"title": "CVE-2015-8472"
},
{
"cve": "CVE-2015-8540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8540"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8540",
"url": "https://www.suse.com/security/cve/CVE-2015-8540"
},
{
"category": "external",
"summary": "SUSE Bug 1149680 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/1149680"
},
{
"category": "external",
"summary": "SUSE Bug 958791 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/958791"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:08Z",
"details": "low"
}
],
"title": "CVE-2015-8540"
},
{
"cve": "CVE-2016-0402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0402"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0402",
"url": "https://www.suse.com/security/cve/CVE-2016-0402"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:08Z",
"details": "important"
}
],
"title": "CVE-2016-0402"
},
{
"cve": "CVE-2016-0448",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0448"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0448",
"url": "https://www.suse.com/security/cve/CVE-2016-0448"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:08Z",
"details": "important"
}
],
"title": "CVE-2016-0448"
},
{
"cve": "CVE-2016-0466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0466"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0466",
"url": "https://www.suse.com/security/cve/CVE-2016-0466"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:08Z",
"details": "important"
}
],
"title": "CVE-2016-0466"
},
{
"cve": "CVE-2016-0483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0483"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0483",
"url": "https://www.suse.com/security/cve/CVE-2016-0483"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:08Z",
"details": "important"
}
],
"title": "CVE-2016-0483"
},
{
"cve": "CVE-2016-0494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0494"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0494",
"url": "https://www.suse.com/security/cve/CVE-2016-0494"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0494",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0494",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:08Z",
"details": "important"
}
],
"title": "CVE-2016-0494"
}
]
}
SUSE-SU-2016:0431-1
Vulnerability from csaf_suse - Published: 2016-02-11 10:52 - Updated: 2016-02-11 10:52Summary
Security update for java-1_6_0-ibm
Severity
Important
Notes
Title of the patch: Security update for java-1_6_0-ibm
Description of the patch:
This update for java-1_6_0-ibm fixes the following issues by updating to 6.0-16.20 (bsc#963937)
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
- bsc#960286: resolve package conflicts in the fonts subpackage
Patchnames: slessp2-java-1_6_0-ibm-12399
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
9.1 (Critical)
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
5.9 (Medium)
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.3 (High)
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
75 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_6_0-ibm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for java-1_6_0-ibm fixes the following issues by updating to 6.0-16.20 (bsc#963937)\n\n- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances\n- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials\n- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information\n- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions\n- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions\n- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\n- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact\n- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information\n- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service\n- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact\n- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact\n\nThe following bugs were fixed:\n\n- bsc#960402: resolve package conflicts in devel package\n- bsc#960286: resolve package conflicts in the fonts subpackage\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp2-java-1_6_0-ibm-12399",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0431-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:0431-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160431-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:0431-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-February/001872.html"
},
{
"category": "self",
"summary": "SUSE Bug 960286",
"url": "https://bugzilla.suse.com/960286"
},
{
"category": "self",
"summary": "SUSE Bug 960402",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "self",
"summary": "SUSE Bug 963937",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5041 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7575 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7981 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8126 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8472 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8540 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0402 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0448 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0448/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0466 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0483 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0494 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0494/"
}
],
"title": "Security update for java-1_6_0-ibm",
"tracking": {
"current_release_date": "2016-02-11T10:52:39Z",
"generator": {
"date": "2016-02-11T10:52:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:0431-1",
"initial_release_date": "2016-02-11T10:52:39Z",
"revision_history": [
{
"date": "2016-02-11T10:52:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"product": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"product_id": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"product": {
"name": "java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"product_id": "java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"product": {
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"product_id": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"product": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"product_id": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"product": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"product_id": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"product": {
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"product_id": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"product": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"product_id": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"product": {
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"product_id": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"product": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"product_id": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"product": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"product_id": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"product": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"product_id": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"product": {
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"product_id": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"product": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"product_id": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"product": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"product_id": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64",
"product": {
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64",
"product_id": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss:11:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586"
},
"product_reference": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x"
},
"product_reference": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64"
},
"product_reference": "java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586"
},
"product_reference": "java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586"
},
"product_reference": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x"
},
"product_reference": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64"
},
"product_reference": "java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586"
},
"product_reference": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x"
},
"product_reference": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64"
},
"product_reference": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586"
},
"product_reference": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x"
},
"product_reference": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64"
},
"product_reference": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586"
},
"product_reference": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
},
"product_reference": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-5041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5041"
}
],
"notes": [
{
"category": "general",
"text": "The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5041",
"url": "https://www.suse.com/security/cve/CVE-2015-5041"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-5041",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-5041",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:39Z",
"details": "critical"
}
],
"title": "CVE-2015-5041"
},
{
"cve": "CVE-2015-7575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7575"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7575",
"url": "https://www.suse.com/security/cve/CVE-2015-7575"
},
{
"category": "external",
"summary": "SUSE Bug 959888 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/959888"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 960996 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960996"
},
{
"category": "external",
"summary": "SUSE Bug 961280 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961280"
},
{
"category": "external",
"summary": "SUSE Bug 961281 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961281"
},
{
"category": "external",
"summary": "SUSE Bug 961282 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961282"
},
{
"category": "external",
"summary": "SUSE Bug 961283 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961283"
},
{
"category": "external",
"summary": "SUSE Bug 961284 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961284"
},
{
"category": "external",
"summary": "SUSE Bug 961290 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961290"
},
{
"category": "external",
"summary": "SUSE Bug 961357 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961357"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 967521 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/967521"
},
{
"category": "external",
"summary": "SUSE Bug 981087 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/981087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:39Z",
"details": "moderate"
}
],
"title": "CVE-2015-7575"
},
{
"cve": "CVE-2015-7981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7981"
}
],
"notes": [
{
"category": "general",
"text": "The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7981",
"url": "https://www.suse.com/security/cve/CVE-2015-7981"
},
{
"category": "external",
"summary": "SUSE Bug 952051 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/952051"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:39Z",
"details": "moderate"
}
],
"title": "CVE-2015-7981"
},
{
"cve": "CVE-2015-8126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8126"
}
],
"notes": [
{
"category": "general",
"text": "Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8126",
"url": "https://www.suse.com/security/cve/CVE-2015-8126"
},
{
"category": "external",
"summary": "SUSE Bug 954980 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/954980"
},
{
"category": "external",
"summary": "SUSE Bug 958198 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/958198"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 969333 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/969333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:39Z",
"details": "moderate"
}
],
"title": "CVE-2015-8126"
},
{
"cve": "CVE-2015-8472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8472"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8472",
"url": "https://www.suse.com/security/cve/CVE-2015-8472"
},
{
"category": "external",
"summary": "SUSE Bug 954980 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/954980"
},
{
"category": "external",
"summary": "SUSE Bug 958198 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/958198"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:39Z",
"details": "moderate"
}
],
"title": "CVE-2015-8472"
},
{
"cve": "CVE-2015-8540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8540"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8540",
"url": "https://www.suse.com/security/cve/CVE-2015-8540"
},
{
"category": "external",
"summary": "SUSE Bug 1149680 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/1149680"
},
{
"category": "external",
"summary": "SUSE Bug 958791 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/958791"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:39Z",
"details": "low"
}
],
"title": "CVE-2015-8540"
},
{
"cve": "CVE-2016-0402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0402"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0402",
"url": "https://www.suse.com/security/cve/CVE-2016-0402"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:39Z",
"details": "important"
}
],
"title": "CVE-2016-0402"
},
{
"cve": "CVE-2016-0448",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0448"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0448",
"url": "https://www.suse.com/security/cve/CVE-2016-0448"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:39Z",
"details": "important"
}
],
"title": "CVE-2016-0448"
},
{
"cve": "CVE-2016-0466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0466"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0466",
"url": "https://www.suse.com/security/cve/CVE-2016-0466"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:39Z",
"details": "important"
}
],
"title": "CVE-2016-0466"
},
{
"cve": "CVE-2016-0483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0483"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0483",
"url": "https://www.suse.com/security/cve/CVE-2016-0483"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:39Z",
"details": "important"
}
],
"title": "CVE-2016-0483"
},
{
"cve": "CVE-2016-0494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0494"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0494",
"url": "https://www.suse.com/security/cve/CVE-2016-0494"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0494",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0494",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-49.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-49.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:39Z",
"details": "important"
}
],
"title": "CVE-2016-0494"
}
]
}
SUSE-SU-2016:0433-1
Vulnerability from csaf_suse - Published: 2016-02-11 10:52 - Updated: 2016-02-11 10:52Summary
Security update for java-1_7_0-ibm
Severity
Important
Notes
Title of the patch: Security update for java-1_7_0-ibm
Description of the patch:
This update for java-1_7_0-ibm fixes the following issues by updating to 7.0-9.30 (bsc#963937):
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
Patchnames: slessp2-java-1_7_0-ibm-12398
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
9.1 (Critical)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
5.9 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.3 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
74 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_7_0-ibm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for java-1_7_0-ibm fixes the following issues by updating to 7.0-9.30 (bsc#963937):\n\n- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances\n- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials\n- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information\n- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions\n- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions\n- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\n- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact\n- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information\n- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service\n- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact\n- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact\n\nThe following bugs were fixed:\n\n- bsc#960402: resolve package conflicts in devel package\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp2-java-1_7_0-ibm-12398",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0433-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:0433-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160433-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:0433-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-February/001874.html"
},
{
"category": "self",
"summary": "SUSE Bug 960402",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "self",
"summary": "SUSE Bug 963937",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5041 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7575 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7981 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8126 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8472 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8540 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0402 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0448 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0448/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0466 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0483 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0494 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0494/"
}
],
"title": "Security update for java-1_7_0-ibm",
"tracking": {
"current_release_date": "2016-02-11T10:52:24Z",
"generator": {
"date": "2016-02-11T10:52:24Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:0433-1",
"initial_release_date": "2016-02-11T10:52:24Z",
"revision_history": [
{
"date": "2016-02-11T10:52:24Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"product": {
"name": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"product_id": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"product": {
"name": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"product_id": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"product": {
"name": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"product_id": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"product": {
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"product_id": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"product": {
"name": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"product_id": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"product": {
"name": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"product_id": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"product": {
"name": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"product_id": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"product": {
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"product_id": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"product": {
"name": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"product_id": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"product": {
"name": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"product_id": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"product": {
"name": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"product_id": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"product": {
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"product_id": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64",
"product": {
"name": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64",
"product_id": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss:11:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586"
},
"product_reference": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x"
},
"product_reference": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64"
},
"product_reference": "java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586"
},
"product_reference": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64"
},
"product_reference": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586"
},
"product_reference": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x"
},
"product_reference": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64"
},
"product_reference": "java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586"
},
"product_reference": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x"
},
"product_reference": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64"
},
"product_reference": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586"
},
"product_reference": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
},
"product_reference": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-5041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5041"
}
],
"notes": [
{
"category": "general",
"text": "The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5041",
"url": "https://www.suse.com/security/cve/CVE-2015-5041"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-5041",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-5041",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:24Z",
"details": "critical"
}
],
"title": "CVE-2015-5041"
},
{
"cve": "CVE-2015-7575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7575"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7575",
"url": "https://www.suse.com/security/cve/CVE-2015-7575"
},
{
"category": "external",
"summary": "SUSE Bug 959888 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/959888"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 960996 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960996"
},
{
"category": "external",
"summary": "SUSE Bug 961280 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961280"
},
{
"category": "external",
"summary": "SUSE Bug 961281 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961281"
},
{
"category": "external",
"summary": "SUSE Bug 961282 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961282"
},
{
"category": "external",
"summary": "SUSE Bug 961283 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961283"
},
{
"category": "external",
"summary": "SUSE Bug 961284 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961284"
},
{
"category": "external",
"summary": "SUSE Bug 961290 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961290"
},
{
"category": "external",
"summary": "SUSE Bug 961357 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961357"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 967521 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/967521"
},
{
"category": "external",
"summary": "SUSE Bug 981087 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/981087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:24Z",
"details": "moderate"
}
],
"title": "CVE-2015-7575"
},
{
"cve": "CVE-2015-7981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7981"
}
],
"notes": [
{
"category": "general",
"text": "The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7981",
"url": "https://www.suse.com/security/cve/CVE-2015-7981"
},
{
"category": "external",
"summary": "SUSE Bug 952051 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/952051"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:24Z",
"details": "moderate"
}
],
"title": "CVE-2015-7981"
},
{
"cve": "CVE-2015-8126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8126"
}
],
"notes": [
{
"category": "general",
"text": "Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8126",
"url": "https://www.suse.com/security/cve/CVE-2015-8126"
},
{
"category": "external",
"summary": "SUSE Bug 954980 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/954980"
},
{
"category": "external",
"summary": "SUSE Bug 958198 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/958198"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 969333 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/969333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:24Z",
"details": "moderate"
}
],
"title": "CVE-2015-8126"
},
{
"cve": "CVE-2015-8472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8472"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8472",
"url": "https://www.suse.com/security/cve/CVE-2015-8472"
},
{
"category": "external",
"summary": "SUSE Bug 954980 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/954980"
},
{
"category": "external",
"summary": "SUSE Bug 958198 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/958198"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:24Z",
"details": "moderate"
}
],
"title": "CVE-2015-8472"
},
{
"cve": "CVE-2015-8540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8540"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8540",
"url": "https://www.suse.com/security/cve/CVE-2015-8540"
},
{
"category": "external",
"summary": "SUSE Bug 1149680 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/1149680"
},
{
"category": "external",
"summary": "SUSE Bug 958791 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/958791"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:24Z",
"details": "low"
}
],
"title": "CVE-2015-8540"
},
{
"cve": "CVE-2016-0402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0402"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0402",
"url": "https://www.suse.com/security/cve/CVE-2016-0402"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:24Z",
"details": "important"
}
],
"title": "CVE-2016-0402"
},
{
"cve": "CVE-2016-0448",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0448"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0448",
"url": "https://www.suse.com/security/cve/CVE-2016-0448"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:24Z",
"details": "important"
}
],
"title": "CVE-2016-0448"
},
{
"cve": "CVE-2016-0466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0466"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0466",
"url": "https://www.suse.com/security/cve/CVE-2016-0466"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:24Z",
"details": "important"
}
],
"title": "CVE-2016-0466"
},
{
"cve": "CVE-2016-0483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0483"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0483",
"url": "https://www.suse.com/security/cve/CVE-2016-0483"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:24Z",
"details": "important"
}
],
"title": "CVE-2016-0483"
},
{
"cve": "CVE-2016-0494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0494"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0494",
"url": "https://www.suse.com/security/cve/CVE-2016-0494"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0494",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0494",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-11T10:52:24Z",
"details": "important"
}
],
"title": "CVE-2016-0494"
}
]
}
SUSE-SU-2016:0584-1
Vulnerability from csaf_suse - Published: 2016-02-25 15:19 - Updated: 2016-02-25 15:19Summary
Security update for MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-SLES-for-VMware, mozilla-nss
Severity
Moderate
Notes
Title of the patch: Security update for MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-SLES-for-VMware, mozilla-nss
Description of the patch:
This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues:
Firefox 38.6.1 ESR (bsc#967087)
The following vulnerabilities were fixed:
- CVE-2016-1523: Fixed denial of service in Graphite 2 library (MFSA 2016-14/bmo#1246093)
Firefox 38.6.0 ESR + Mozilla NSS 3.20.2. (bsc#963520)
The following vulnerabilities were fixed:
- CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6 (bsc#963632)
- CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (bsc#963635)
- CVE-2016-1938: Calculations with mp_div and mp_exptmod in Network Security Services (NSS) canproduce wrong results (bsc#963731)
- CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature (bsc#959888)
The following improvements were added:
- bsc#954447: Mozilla NSS now supports a number of new DHE ciphersuites
- Tracking protection is now enabled by default
Patchnames: slessp2-mozilla-12419
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
9.8 (Critical)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
8.8 (High)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
45 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-SLES-for-VMware, mozilla-nss",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues: \n\nFirefox 38.6.1 ESR (bsc#967087)\n\nThe following vulnerabilities were fixed:\n\n- CVE-2016-1523: Fixed denial of service in Graphite 2 library (MFSA 2016-14/bmo#1246093)\n\nFirefox 38.6.0 ESR + Mozilla NSS 3.20.2. (bsc#963520)\n\nThe following vulnerabilities were fixed:\n\n- CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6 (bsc#963632)\n- CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (bsc#963635)\n- CVE-2016-1938: Calculations with mp_div and mp_exptmod in Network Security Services (NSS) canproduce wrong results (bsc#963731)\n- CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature (bsc#959888)\n\nThe following improvements were added:\n\n- bsc#954447: Mozilla NSS now supports a number of new DHE ciphersuites\n- Tracking protection is now enabled by default\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp2-mozilla-12419",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0584-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:0584-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160584-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:0584-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-February/001894.html"
},
{
"category": "self",
"summary": "SUSE Bug 954447",
"url": "https://bugzilla.suse.com/954447"
},
{
"category": "self",
"summary": "SUSE Bug 959888",
"url": "https://bugzilla.suse.com/959888"
},
{
"category": "self",
"summary": "SUSE Bug 963520",
"url": "https://bugzilla.suse.com/963520"
},
{
"category": "self",
"summary": "SUSE Bug 963632",
"url": "https://bugzilla.suse.com/963632"
},
{
"category": "self",
"summary": "SUSE Bug 963635",
"url": "https://bugzilla.suse.com/963635"
},
{
"category": "self",
"summary": "SUSE Bug 963731",
"url": "https://bugzilla.suse.com/963731"
},
{
"category": "self",
"summary": "SUSE Bug 967087",
"url": "https://bugzilla.suse.com/967087"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7575 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1523 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1930 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1935 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1938 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1938/"
}
],
"title": "Security update for MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-SLES-for-VMware, mozilla-nss",
"tracking": {
"current_release_date": "2016-02-25T15:19:11Z",
"generator": {
"date": "2016-02-25T15:19:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:0584-1",
"initial_release_date": "2016-02-25T15:19:11Z",
"revision_history": [
{
"date": "2016-02-25T15:19:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-38.6.1esr-33.1.i586",
"product": {
"name": "MozillaFirefox-38.6.1esr-33.1.i586",
"product_id": "MozillaFirefox-38.6.1esr-33.1.i586"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-SLED-38-15.58.i586",
"product": {
"name": "MozillaFirefox-branding-SLED-38-15.58.i586",
"product_id": "MozillaFirefox-branding-SLED-38-15.58.i586"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-38.6.1esr-33.1.i586",
"product": {
"name": "MozillaFirefox-translations-38.6.1esr-33.1.i586",
"product_id": "MozillaFirefox-translations-38.6.1esr-33.1.i586"
}
},
{
"category": "product_version",
"name": "libfreebl3-3.20.2-17.5.i586",
"product": {
"name": "libfreebl3-3.20.2-17.5.i586",
"product_id": "libfreebl3-3.20.2-17.5.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.20.2-17.5.i586",
"product": {
"name": "mozilla-nss-3.20.2-17.5.i586",
"product_id": "mozilla-nss-3.20.2-17.5.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.20.2-17.5.i586",
"product": {
"name": "mozilla-nss-devel-3.20.2-17.5.i586",
"product_id": "mozilla-nss-devel-3.20.2-17.5.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.20.2-17.5.i586",
"product": {
"name": "mozilla-nss-tools-3.20.2-17.5.i586",
"product_id": "mozilla-nss-tools-3.20.2-17.5.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-38.6.1esr-33.1.s390x",
"product": {
"name": "MozillaFirefox-38.6.1esr-33.1.s390x",
"product_id": "MozillaFirefox-38.6.1esr-33.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-SLED-38-15.58.s390x",
"product": {
"name": "MozillaFirefox-branding-SLED-38-15.58.s390x",
"product_id": "MozillaFirefox-branding-SLED-38-15.58.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"product": {
"name": "MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"product_id": "MozillaFirefox-translations-38.6.1esr-33.1.s390x"
}
},
{
"category": "product_version",
"name": "libfreebl3-3.20.2-17.5.s390x",
"product": {
"name": "libfreebl3-3.20.2-17.5.s390x",
"product_id": "libfreebl3-3.20.2-17.5.s390x"
}
},
{
"category": "product_version",
"name": "libfreebl3-32bit-3.20.2-17.5.s390x",
"product": {
"name": "libfreebl3-32bit-3.20.2-17.5.s390x",
"product_id": "libfreebl3-32bit-3.20.2-17.5.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.20.2-17.5.s390x",
"product": {
"name": "mozilla-nss-3.20.2-17.5.s390x",
"product_id": "mozilla-nss-3.20.2-17.5.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-32bit-3.20.2-17.5.s390x",
"product": {
"name": "mozilla-nss-32bit-3.20.2-17.5.s390x",
"product_id": "mozilla-nss-32bit-3.20.2-17.5.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.20.2-17.5.s390x",
"product": {
"name": "mozilla-nss-devel-3.20.2-17.5.s390x",
"product_id": "mozilla-nss-devel-3.20.2-17.5.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.20.2-17.5.s390x",
"product": {
"name": "mozilla-nss-tools-3.20.2-17.5.s390x",
"product_id": "mozilla-nss-tools-3.20.2-17.5.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-38.6.1esr-33.1.x86_64",
"product": {
"name": "MozillaFirefox-38.6.1esr-33.1.x86_64",
"product_id": "MozillaFirefox-38.6.1esr-33.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-SLED-38-15.58.x86_64",
"product": {
"name": "MozillaFirefox-branding-SLED-38-15.58.x86_64",
"product_id": "MozillaFirefox-branding-SLED-38-15.58.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"product_id": "MozillaFirefox-translations-38.6.1esr-33.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfreebl3-3.20.2-17.5.x86_64",
"product": {
"name": "libfreebl3-3.20.2-17.5.x86_64",
"product_id": "libfreebl3-3.20.2-17.5.x86_64"
}
},
{
"category": "product_version",
"name": "libfreebl3-32bit-3.20.2-17.5.x86_64",
"product": {
"name": "libfreebl3-32bit-3.20.2-17.5.x86_64",
"product_id": "libfreebl3-32bit-3.20.2-17.5.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.20.2-17.5.x86_64",
"product": {
"name": "mozilla-nss-3.20.2-17.5.x86_64",
"product_id": "mozilla-nss-3.20.2-17.5.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-32bit-3.20.2-17.5.x86_64",
"product": {
"name": "mozilla-nss-32bit-3.20.2-17.5.x86_64",
"product_id": "mozilla-nss-32bit-3.20.2-17.5.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.20.2-17.5.x86_64",
"product": {
"name": "mozilla-nss-devel-3.20.2-17.5.x86_64",
"product_id": "mozilla-nss-devel-3.20.2-17.5.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.20.2-17.5.x86_64",
"product": {
"name": "mozilla-nss-tools-3.20.2-17.5.x86_64",
"product_id": "mozilla-nss-tools-3.20.2-17.5.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss:11:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-38.6.1esr-33.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586"
},
"product_reference": "MozillaFirefox-38.6.1esr-33.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-38.6.1esr-33.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x"
},
"product_reference": "MozillaFirefox-38.6.1esr-33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-38.6.1esr-33.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64"
},
"product_reference": "MozillaFirefox-38.6.1esr-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-SLED-38-15.58.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586"
},
"product_reference": "MozillaFirefox-branding-SLED-38-15.58.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-SLED-38-15.58.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x"
},
"product_reference": "MozillaFirefox-branding-SLED-38-15.58.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-SLED-38-15.58.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64"
},
"product_reference": "MozillaFirefox-branding-SLED-38-15.58.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-38.6.1esr-33.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586"
},
"product_reference": "MozillaFirefox-translations-38.6.1esr-33.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-38.6.1esr-33.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x"
},
"product_reference": "MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-38.6.1esr-33.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.20.2-17.5.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586"
},
"product_reference": "libfreebl3-3.20.2-17.5.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.20.2-17.5.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x"
},
"product_reference": "libfreebl3-3.20.2-17.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.20.2-17.5.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64"
},
"product_reference": "libfreebl3-3.20.2-17.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-32bit-3.20.2-17.5.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x"
},
"product_reference": "libfreebl3-32bit-3.20.2-17.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-32bit-3.20.2-17.5.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64"
},
"product_reference": "libfreebl3-32bit-3.20.2-17.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.20.2-17.5.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586"
},
"product_reference": "mozilla-nss-3.20.2-17.5.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.20.2-17.5.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x"
},
"product_reference": "mozilla-nss-3.20.2-17.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.20.2-17.5.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64"
},
"product_reference": "mozilla-nss-3.20.2-17.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-32bit-3.20.2-17.5.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x"
},
"product_reference": "mozilla-nss-32bit-3.20.2-17.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-32bit-3.20.2-17.5.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64"
},
"product_reference": "mozilla-nss-32bit-3.20.2-17.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.20.2-17.5.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586"
},
"product_reference": "mozilla-nss-devel-3.20.2-17.5.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.20.2-17.5.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x"
},
"product_reference": "mozilla-nss-devel-3.20.2-17.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.20.2-17.5.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64"
},
"product_reference": "mozilla-nss-devel-3.20.2-17.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.20.2-17.5.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586"
},
"product_reference": "mozilla-nss-tools-3.20.2-17.5.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.20.2-17.5.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x"
},
"product_reference": "mozilla-nss-tools-3.20.2-17.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.20.2-17.5.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
},
"product_reference": "mozilla-nss-tools-3.20.2-17.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-7575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7575"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7575",
"url": "https://www.suse.com/security/cve/CVE-2015-7575"
},
{
"category": "external",
"summary": "SUSE Bug 959888 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/959888"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 960996 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960996"
},
{
"category": "external",
"summary": "SUSE Bug 961280 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961280"
},
{
"category": "external",
"summary": "SUSE Bug 961281 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961281"
},
{
"category": "external",
"summary": "SUSE Bug 961282 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961282"
},
{
"category": "external",
"summary": "SUSE Bug 961283 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961283"
},
{
"category": "external",
"summary": "SUSE Bug 961284 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961284"
},
{
"category": "external",
"summary": "SUSE Bug 961290 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961290"
},
{
"category": "external",
"summary": "SUSE Bug 961357 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961357"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 967521 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/967521"
},
{
"category": "external",
"summary": "SUSE Bug 981087 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/981087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-25T15:19:11Z",
"details": "moderate"
}
],
"title": "CVE-2015-7575"
},
{
"cve": "CVE-2016-1523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1523"
}
],
"notes": [
{
"category": "general",
"text": "The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (missing initialization, NULL pointer dereference, and application crash) via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1523",
"url": "https://www.suse.com/security/cve/CVE-2016-1523"
},
{
"category": "external",
"summary": "SUSE Bug 965803 for CVE-2016-1523",
"url": "https://bugzilla.suse.com/965803"
},
{
"category": "external",
"summary": "SUSE Bug 965806 for CVE-2016-1523",
"url": "https://bugzilla.suse.com/965806"
},
{
"category": "external",
"summary": "SUSE Bug 965807 for CVE-2016-1523",
"url": "https://bugzilla.suse.com/965807"
},
{
"category": "external",
"summary": "SUSE Bug 965810 for CVE-2016-1523",
"url": "https://bugzilla.suse.com/965810"
},
{
"category": "external",
"summary": "SUSE Bug 967087 for CVE-2016-1523",
"url": "https://bugzilla.suse.com/967087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-25T15:19:11Z",
"details": "moderate"
}
],
"title": "CVE-2016-1523"
},
{
"cve": "CVE-2016-1930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1930"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1930",
"url": "https://www.suse.com/security/cve/CVE-2016-1930"
},
{
"category": "external",
"summary": "SUSE Bug 963520 for CVE-2016-1930",
"url": "https://bugzilla.suse.com/963520"
},
{
"category": "external",
"summary": "SUSE Bug 963632 for CVE-2016-1930",
"url": "https://bugzilla.suse.com/963632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-25T15:19:11Z",
"details": "critical"
}
],
"title": "CVE-2016-1930"
},
{
"cve": "CVE-2016-1935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1935"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1935",
"url": "https://www.suse.com/security/cve/CVE-2016-1935"
},
{
"category": "external",
"summary": "SUSE Bug 963520 for CVE-2016-1935",
"url": "https://bugzilla.suse.com/963520"
},
{
"category": "external",
"summary": "SUSE Bug 963635 for CVE-2016-1935",
"url": "https://bugzilla.suse.com/963635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-25T15:19:11Z",
"details": "moderate"
}
],
"title": "CVE-2016-1935"
},
{
"cve": "CVE-2016-1938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1938"
}
],
"notes": [
{
"category": "general",
"text": "The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1938",
"url": "https://www.suse.com/security/cve/CVE-2016-1938"
},
{
"category": "external",
"summary": "SUSE Bug 963731 for CVE-2016-1938",
"url": "https://bugzilla.suse.com/963731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-02-25T15:19:11Z",
"details": "moderate"
}
],
"title": "CVE-2016-1938"
}
]
}
SUSE-SU-2016:0636-1
Vulnerability from csaf_suse - Published: 2016-03-02 18:02 - Updated: 2016-03-02 18:02Summary
Security update for java-1_7_0-ibm
Severity
Important
Notes
Title of the patch: Security update for java-1_7_0-ibm
Description of the patch:
This update for java-1_7_0-ibm fixes the following issues by updating to 7.0-9.30 (bsc#963937):
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
Patchnames: slessp3-java-1_7_0-ibm-12437
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
9.1 (Critical)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
5.9 (Medium)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.3 (High)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
74 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_7_0-ibm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for java-1_7_0-ibm fixes the following issues by updating to 7.0-9.30 (bsc#963937):\n\n- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances\n- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials\n- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information\n- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions\n- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions\n- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\n- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact\n- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information\n- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service\n- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact\n- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact\n\nThe following bugs were fixed:\n\n- bsc#960402: resolve package conflicts in devel package\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp3-java-1_7_0-ibm-12437",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0636-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:0636-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160636-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:0636-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-March/001910.html"
},
{
"category": "self",
"summary": "SUSE Bug 960402",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "self",
"summary": "SUSE Bug 963937",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5041 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7575 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7981 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8126 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8472 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8540 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0402 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0448 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0448/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0466 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0483 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0494 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0494/"
}
],
"title": "Security update for java-1_7_0-ibm",
"tracking": {
"current_release_date": "2016-03-02T18:02:18Z",
"generator": {
"date": "2016-03-02T18:02:18Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:0636-1",
"initial_release_date": "2016-03-02T18:02:18Z",
"revision_history": [
{
"date": "2016-03-02T18:02:18Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"product": {
"name": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"product_id": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"product": {
"name": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"product_id": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"product": {
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"product_id": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"product": {
"name": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"product_id": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"product": {
"name": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"product_id": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"product": {
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"product_id": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"product": {
"name": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"product_id": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"product": {
"name": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"product_id": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"product": {
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"product_id": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64",
"product": {
"name": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64",
"product_id": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss:11:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586"
},
"product_reference": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x"
},
"product_reference": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64"
},
"product_reference": "java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586"
},
"product_reference": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64"
},
"product_reference": "java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586"
},
"product_reference": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x"
},
"product_reference": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64"
},
"product_reference": "java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586"
},
"product_reference": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
},
"product_reference": "java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-5041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5041"
}
],
"notes": [
{
"category": "general",
"text": "The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5041",
"url": "https://www.suse.com/security/cve/CVE-2015-5041"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-5041",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-5041",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-02T18:02:18Z",
"details": "critical"
}
],
"title": "CVE-2015-5041"
},
{
"cve": "CVE-2015-7575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7575"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7575",
"url": "https://www.suse.com/security/cve/CVE-2015-7575"
},
{
"category": "external",
"summary": "SUSE Bug 959888 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/959888"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 960996 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960996"
},
{
"category": "external",
"summary": "SUSE Bug 961280 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961280"
},
{
"category": "external",
"summary": "SUSE Bug 961281 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961281"
},
{
"category": "external",
"summary": "SUSE Bug 961282 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961282"
},
{
"category": "external",
"summary": "SUSE Bug 961283 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961283"
},
{
"category": "external",
"summary": "SUSE Bug 961284 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961284"
},
{
"category": "external",
"summary": "SUSE Bug 961290 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961290"
},
{
"category": "external",
"summary": "SUSE Bug 961357 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961357"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 967521 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/967521"
},
{
"category": "external",
"summary": "SUSE Bug 981087 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/981087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-02T18:02:18Z",
"details": "moderate"
}
],
"title": "CVE-2015-7575"
},
{
"cve": "CVE-2015-7981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7981"
}
],
"notes": [
{
"category": "general",
"text": "The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7981",
"url": "https://www.suse.com/security/cve/CVE-2015-7981"
},
{
"category": "external",
"summary": "SUSE Bug 952051 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/952051"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-02T18:02:18Z",
"details": "moderate"
}
],
"title": "CVE-2015-7981"
},
{
"cve": "CVE-2015-8126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8126"
}
],
"notes": [
{
"category": "general",
"text": "Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8126",
"url": "https://www.suse.com/security/cve/CVE-2015-8126"
},
{
"category": "external",
"summary": "SUSE Bug 954980 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/954980"
},
{
"category": "external",
"summary": "SUSE Bug 958198 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/958198"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 969333 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/969333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-02T18:02:18Z",
"details": "moderate"
}
],
"title": "CVE-2015-8126"
},
{
"cve": "CVE-2015-8472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8472"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8472",
"url": "https://www.suse.com/security/cve/CVE-2015-8472"
},
{
"category": "external",
"summary": "SUSE Bug 954980 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/954980"
},
{
"category": "external",
"summary": "SUSE Bug 958198 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/958198"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-02T18:02:18Z",
"details": "moderate"
}
],
"title": "CVE-2015-8472"
},
{
"cve": "CVE-2015-8540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8540"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8540",
"url": "https://www.suse.com/security/cve/CVE-2015-8540"
},
{
"category": "external",
"summary": "SUSE Bug 1149680 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/1149680"
},
{
"category": "external",
"summary": "SUSE Bug 958791 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/958791"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-02T18:02:18Z",
"details": "low"
}
],
"title": "CVE-2015-8540"
},
{
"cve": "CVE-2016-0402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0402"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0402",
"url": "https://www.suse.com/security/cve/CVE-2016-0402"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-02T18:02:18Z",
"details": "important"
}
],
"title": "CVE-2016-0402"
},
{
"cve": "CVE-2016-0448",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0448"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0448",
"url": "https://www.suse.com/security/cve/CVE-2016-0448"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-02T18:02:18Z",
"details": "important"
}
],
"title": "CVE-2016-0448"
},
{
"cve": "CVE-2016-0466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0466"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0466",
"url": "https://www.suse.com/security/cve/CVE-2016-0466"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-02T18:02:18Z",
"details": "important"
}
],
"title": "CVE-2016-0466"
},
{
"cve": "CVE-2016-0483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0483"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0483",
"url": "https://www.suse.com/security/cve/CVE-2016-0483"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-02T18:02:18Z",
"details": "important"
}
],
"title": "CVE-2016-0483"
},
{
"cve": "CVE-2016-0494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0494"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0494",
"url": "https://www.suse.com/security/cve/CVE-2016-0494"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0494",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0494",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.30-47.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.30-47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-02T18:02:18Z",
"details": "important"
}
],
"title": "CVE-2016-0494"
}
]
}
SUSE-SU-2016:0770-1
Vulnerability from csaf_suse - Published: 2016-03-15 12:58 - Updated: 2016-03-15 12:58Summary
Security update for java-1_6_0-ibm
Severity
Important
Notes
Title of the patch: Security update for java-1_6_0-ibm
Description of the patch:
This update for java-1_6_0-ibm fixes the following issues by updating to 6.0-16.20 (bsc#963937)
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
- bsc#960286: resolve package conflicts in the fonts subpackage
Patchnames: slessp3-java-1_6_0-ibm-12453
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
9.1 (Critical)
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
5.9 (Medium)
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.3 (High)
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
75 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_6_0-ibm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for java-1_6_0-ibm fixes the following issues by updating to 6.0-16.20 (bsc#963937)\n\n- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances\n- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials\n- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information\n- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions\n- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions\n- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\n- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact\n- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information\n- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service\n- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact\n- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact\n\nThe following bugs were fixed:\n\n- bsc#960402: resolve package conflicts in devel package\n- bsc#960286: resolve package conflicts in the fonts subpackage\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp3-java-1_6_0-ibm-12453",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0770-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:0770-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160770-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:0770-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-March/001941.html"
},
{
"category": "self",
"summary": "SUSE Bug 960286",
"url": "https://bugzilla.suse.com/960286"
},
{
"category": "self",
"summary": "SUSE Bug 960402",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "self",
"summary": "SUSE Bug 963937",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5041 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7575 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7981 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8126 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8472 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8540 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0402 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0448 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0448/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0466 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0483 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0494 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0494/"
}
],
"title": "Security update for java-1_6_0-ibm",
"tracking": {
"current_release_date": "2016-03-15T12:58:15Z",
"generator": {
"date": "2016-03-15T12:58:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:0770-1",
"initial_release_date": "2016-03-15T12:58:15Z",
"revision_history": [
{
"date": "2016-03-15T12:58:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"product": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"product_id": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"product": {
"name": "java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"product_id": "java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"product": {
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"product_id": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"product": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"product_id": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"product": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"product_id": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"product": {
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"product_id": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"product": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"product_id": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"product": {
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"product_id": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"product": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"product_id": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"product": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"product_id": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"product": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"product_id": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"product": {
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"product_id": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"product": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"product_id": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"product": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"product_id": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64",
"product": {
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64",
"product_id": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss:11:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586"
},
"product_reference": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x"
},
"product_reference": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64"
},
"product_reference": "java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586"
},
"product_reference": "java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586"
},
"product_reference": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x"
},
"product_reference": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64"
},
"product_reference": "java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586"
},
"product_reference": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x"
},
"product_reference": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64"
},
"product_reference": "java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586"
},
"product_reference": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x"
},
"product_reference": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64"
},
"product_reference": "java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586"
},
"product_reference": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
},
"product_reference": "java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-5041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5041"
}
],
"notes": [
{
"category": "general",
"text": "The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5041",
"url": "https://www.suse.com/security/cve/CVE-2015-5041"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-5041",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-5041",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-15T12:58:15Z",
"details": "critical"
}
],
"title": "CVE-2015-5041"
},
{
"cve": "CVE-2015-7575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7575"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7575",
"url": "https://www.suse.com/security/cve/CVE-2015-7575"
},
{
"category": "external",
"summary": "SUSE Bug 959888 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/959888"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 960996 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960996"
},
{
"category": "external",
"summary": "SUSE Bug 961280 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961280"
},
{
"category": "external",
"summary": "SUSE Bug 961281 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961281"
},
{
"category": "external",
"summary": "SUSE Bug 961282 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961282"
},
{
"category": "external",
"summary": "SUSE Bug 961283 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961283"
},
{
"category": "external",
"summary": "SUSE Bug 961284 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961284"
},
{
"category": "external",
"summary": "SUSE Bug 961290 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961290"
},
{
"category": "external",
"summary": "SUSE Bug 961357 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961357"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 967521 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/967521"
},
{
"category": "external",
"summary": "SUSE Bug 981087 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/981087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-15T12:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-7575"
},
{
"cve": "CVE-2015-7981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7981"
}
],
"notes": [
{
"category": "general",
"text": "The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7981",
"url": "https://www.suse.com/security/cve/CVE-2015-7981"
},
{
"category": "external",
"summary": "SUSE Bug 952051 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/952051"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7981",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-15T12:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-7981"
},
{
"cve": "CVE-2015-8126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8126"
}
],
"notes": [
{
"category": "general",
"text": "Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8126",
"url": "https://www.suse.com/security/cve/CVE-2015-8126"
},
{
"category": "external",
"summary": "SUSE Bug 954980 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/954980"
},
{
"category": "external",
"summary": "SUSE Bug 958198 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/958198"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 969333 for CVE-2015-8126",
"url": "https://bugzilla.suse.com/969333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-15T12:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8126"
},
{
"cve": "CVE-2015-8472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8472"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8472",
"url": "https://www.suse.com/security/cve/CVE-2015-8472"
},
{
"category": "external",
"summary": "SUSE Bug 954980 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/954980"
},
{
"category": "external",
"summary": "SUSE Bug 958198 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/958198"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8472",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-15T12:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8472"
},
{
"cve": "CVE-2015-8540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8540"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8540",
"url": "https://www.suse.com/security/cve/CVE-2015-8540"
},
{
"category": "external",
"summary": "SUSE Bug 1149680 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/1149680"
},
{
"category": "external",
"summary": "SUSE Bug 958791 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/958791"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-8540",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-15T12:58:15Z",
"details": "low"
}
],
"title": "CVE-2015-8540"
},
{
"cve": "CVE-2016-0402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0402"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0402",
"url": "https://www.suse.com/security/cve/CVE-2016-0402"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0402",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-15T12:58:15Z",
"details": "important"
}
],
"title": "CVE-2016-0402"
},
{
"cve": "CVE-2016-0448",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0448"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0448",
"url": "https://www.suse.com/security/cve/CVE-2016-0448"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0448",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-15T12:58:15Z",
"details": "important"
}
],
"title": "CVE-2016-0448"
},
{
"cve": "CVE-2016-0466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0466"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0466",
"url": "https://www.suse.com/security/cve/CVE-2016-0466"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0466",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-15T12:58:15Z",
"details": "important"
}
],
"title": "CVE-2016-0466"
},
{
"cve": "CVE-2016-0483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0483"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0483",
"url": "https://www.suse.com/security/cve/CVE-2016-0483"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0483",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-15T12:58:15Z",
"details": "important"
}
],
"title": "CVE-2016-0483"
},
{
"cve": "CVE-2016-0494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0494"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0494",
"url": "https://www.suse.com/security/cve/CVE-2016-0494"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2016-0494",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2016-0494",
"url": "https://bugzilla.suse.com/963937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-alsa-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-devel-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-fonts-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-jdbc-1.6.0_sr16.20-51.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_6_0-ibm-plugin-1.6.0_sr16.20-51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-15T12:58:15Z",
"details": "important"
}
],
"title": "CVE-2016-0494"
}
]
}
VAR-201601-0016
Vulnerability from variot - Updated: 2026-03-03 21:51Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision. Mozilla Network Security Services is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks. This issue is fixed in: Firefox 43.0.2 Firefox ESR 38.5.2 Network Security Services 3.20.2.
Gentoo Linux Security Advisory GLSA 201801-15
https://security.gentoo.org/
Severity: Normal Title: PolarSSL: Multiple vulnerabilities Date: January 15, 2018 Bugs: #537108, #620504 ID: 201801-15
Synopsis
Multiple vulnerabilities have been found in PolarSSL, the worst of which may allow remote attackers to execute arbitrary code.
Background
PolarSSL is a cryptographic library for embedded systems.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/polarssl < 1.3.9-r1 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers.
Description
Multiple vulnerabilities have been discovered in PolarSSL. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker might be able to execute arbitrary code, cause Denial of Service condition or obtain sensitive information.
Workaround
There is no known workaround at this time.
Resolution
Gentoo has discontinued support for PolarSSL and recommends that users unmerge the package:
# emerge --unmerge "net-libs/polarssl"
References
[ 1 ] CVE-2015-1182 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1182 [ 2 ] CVE-2015-7575 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7575
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201801-15
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
--Ph5IIMEQMv2VnlKUQ7M7LCqtbxvbmuakb--
. ========================================================================== Ubuntu Security Notice USN-2863-1 January 07, 2016
openssl vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
OpenSSL could be made to expose sensitive information over the network.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.33
After a standard system update you need to reboot your computer to make all the necessary changes. Description:
IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494)
Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. Bugs fixed (https://bugzilla.redhat.com/):
1276416 - CVE-2015-7981 libpng: Out-of-bounds read in png_convert_to_rfc1123 1281756 - CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions 1289841 - CVE-2015-7575 TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH) 1291312 - CVE-2015-8540 libpng: underflow read in png_check_keyword() 1298906 - CVE-2016-0494 ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543) 1298957 - CVE-2016-0402 OpenJDK: URL deserialization inconsistencies (Networking, 8059054) 1299073 - CVE-2016-0448 OpenJDK: logging of RMI connection secrets (JMX, 8130710) 1299385 - CVE-2016-0466 OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962) 1299441 - CVE-2016-0483 OpenJDK: incorrect boundary check in JPEG decoder (AWT, 8139017) 1302689 - CVE-2015-5041 IBM JDK: J9 JVM allows code to invoke non-public interface methods
Background
mbed TLS (previously PolarSSL) is an "easy to understand, use, integrate and expand" implementation of the TLS and SSL protocols and the respective cryptographic algorithms and support code required.
http://creativecommons.org/licenses/by-sa/2.5
--meXqunA8BhEhIM1DNPs3RlHKbtgWVCnXm--
.
More information can be found at https://www.mitls.org/pages/attacks/SLOTH
For the oldstable distribution (wheezy), this problem has been fixed in version 1.0.1e-2+deb7u19.
For the stable distribution (jessie), the testing distribution (stretch) and the unstable distribution (sid), this issue was already addressed in version 1.0.1f-1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: openssl security update Advisory ID: RHSA-2016:0008-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0008.html Issue date: 2016-01-07 Updated on: 2016-01-08 CVE Names: CVE-2015-7575 =====================================================================
- Summary:
Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.
A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)
All openssl users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1289841 - CVE-2015-7575 TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-42.el6_7.2.src.rpm
i386: openssl-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm
x86_64: openssl-1.0.1e-42.el6_7.2.i686.rpm openssl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-devel-1.0.1e-42.el6_7.2.i686.rpm openssl-perl-1.0.1e-42.el6_7.2.i686.rpm openssl-static-1.0.1e-42.el6_7.2.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm openssl-devel-1.0.1e-42.el6_7.2.i686.rpm openssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm openssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-static-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-42.el6_7.2.src.rpm
x86_64: openssl-1.0.1e-42.el6_7.2.i686.rpm openssl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm openssl-devel-1.0.1e-42.el6_7.2.i686.rpm openssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm openssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-static-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-42.el6_7.2.src.rpm
i386: openssl-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-devel-1.0.1e-42.el6_7.2.i686.rpm
ppc64: openssl-1.0.1e-42.el6_7.2.ppc.rpm openssl-1.0.1e-42.el6_7.2.ppc64.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.ppc.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.ppc64.rpm openssl-devel-1.0.1e-42.el6_7.2.ppc.rpm openssl-devel-1.0.1e-42.el6_7.2.ppc64.rpm
s390x: openssl-1.0.1e-42.el6_7.2.s390.rpm openssl-1.0.1e-42.el6_7.2.s390x.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.s390.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.s390x.rpm openssl-devel-1.0.1e-42.el6_7.2.s390.rpm openssl-devel-1.0.1e-42.el6_7.2.s390x.rpm
x86_64: openssl-1.0.1e-42.el6_7.2.i686.rpm openssl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm openssl-devel-1.0.1e-42.el6_7.2.i686.rpm openssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-perl-1.0.1e-42.el6_7.2.i686.rpm openssl-static-1.0.1e-42.el6_7.2.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-42.el6_7.2.ppc64.rpm openssl-perl-1.0.1e-42.el6_7.2.ppc64.rpm openssl-static-1.0.1e-42.el6_7.2.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-42.el6_7.2.s390x.rpm openssl-perl-1.0.1e-42.el6_7.2.s390x.rpm openssl-static-1.0.1e-42.el6_7.2.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm openssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-static-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-42.el6_7.2.src.rpm
i386: openssl-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-devel-1.0.1e-42.el6_7.2.i686.rpm
x86_64: openssl-1.0.1e-42.el6_7.2.i686.rpm openssl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm openssl-devel-1.0.1e-42.el6_7.2.i686.rpm openssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-perl-1.0.1e-42.el6_7.2.i686.rpm openssl-static-1.0.1e-42.el6_7.2.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm openssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-static-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-51.el7_2.2.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.2.i686.rpm openssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.2.i686.rpm openssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-static-1.0.1e-51.el7_2.2.i686.rpm openssl-static-1.0.1e-51.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-51.el7_2.2.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.2.i686.rpm openssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.2.i686.rpm openssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-static-1.0.1e-51.el7_2.2.i686.rpm openssl-static-1.0.1e-51.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-51.el7_2.2.src.rpm
ppc64: openssl-1.0.1e-51.el7_2.2.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.2.ppc.rpm openssl-devel-1.0.1e-51.el7_2.2.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.2.ppc.rpm openssl-libs-1.0.1e-51.el7_2.2.ppc64.rpm
ppc64le: openssl-1.0.1e-51.el7_2.2.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.2.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.2.ppc64le.rpm
s390x: openssl-1.0.1e-51.el7_2.2.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.s390x.rpm openssl-devel-1.0.1e-51.el7_2.2.s390.rpm openssl-devel-1.0.1e-51.el7_2.2.s390x.rpm openssl-libs-1.0.1e-51.el7_2.2.s390.rpm openssl-libs-1.0.1e-51.el7_2.2.s390x.rpm
x86_64: openssl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.2.i686.rpm openssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.2.i686.rpm openssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-51.el7_2.2.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.2.ppc64.rpm openssl-static-1.0.1e-51.el7_2.2.ppc.rpm openssl-static-1.0.1e-51.el7_2.2.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.2.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.2.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.2.ppc64le.rpm
s390x: openssl-debuginfo-1.0.1e-51.el7_2.2.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.s390x.rpm openssl-perl-1.0.1e-51.el7_2.2.s390x.rpm openssl-static-1.0.1e-51.el7_2.2.s390.rpm openssl-static-1.0.1e-51.el7_2.2.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-static-1.0.1e-51.el7_2.2.i686.rpm openssl-static-1.0.1e-51.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-51.el7_2.2.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.2.i686.rpm openssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.2.i686.rpm openssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-static-1.0.1e-51.el7_2.2.i686.rpm openssl-static-1.0.1e-51.el7_2.2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-7575 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/articles/2112261 http://www.mitls.org/pages/attacks/SLOTH
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWjy/pXlSAg2UNWIIRAuxtAKCKQ2VxTXABN4fn+b0MiLythds2GACfe3fA FZkb9bdxBhbyQJXSgVOJ3BA= =k57I -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.1"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.3.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.5.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.2.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.4.0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"_id": null,
"model": "network security services",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.20.1"
},
{
"_id": null,
"model": "firefox",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "43.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.2.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.1.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.04"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.0.5"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.5.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.1.1"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.865"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.866"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.865"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.791"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.6105"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.791"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.6105"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.866"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.9,
"vendor": "mozilla",
"version": "43.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.1"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.11"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.5"
},
{
"_id": null,
"model": "purepower integrated manager service appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "marketing operations",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2.1"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.8"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.22"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "tivoli netcool/omnibus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "ara",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "websphere real time sr8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "contact optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for luw",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "11.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.11"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.306"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.1"
},
{
"_id": null,
"model": "spss collaboration and deployment services",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.4"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.4.2"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.8"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6.3"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.12"
},
{
"_id": null,
"model": "websphere real time",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.17"
},
{
"_id": null,
"model": "sterling control center ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.21"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "oncommand shift",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37001.1"
},
{
"_id": null,
"model": "websphere real time sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.5.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.2"
},
{
"_id": null,
"model": "tivoli asset discovery for distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.20"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "36.0.3"
},
{
"_id": null,
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.15"
},
{
"_id": null,
"model": "sterling secure proxy ifix05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.8"
},
{
"_id": null,
"model": "marketing platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.0"
},
{
"_id": null,
"model": "license metric tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "domino fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.15"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.04"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50001.1"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"_id": null,
"model": "qradar siem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.2"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "35"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.5"
},
{
"_id": null,
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1200"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "37"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5"
},
{
"_id": null,
"model": "infosphere biginsights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.00"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "tivoli system automation for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.2"
},
{
"_id": null,
"model": "tivoli storage manageroperations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.2.300"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "27.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.1"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3"
},
{
"_id": null,
"model": "marketing platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "system networking rackswitch g8316",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6.1"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.31"
},
{
"_id": null,
"model": "watson explorer analytical components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.2"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.4"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.20"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "websphere real time sr9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.4"
},
{
"_id": null,
"model": "fabric manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "websphere dashboard framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.4"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.1104"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.116"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "algo one core",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.9.1"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.10"
},
{
"_id": null,
"model": "operational decision manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "9.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.27"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"_id": null,
"model": "spss modeler if010",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "17.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.7"
},
{
"_id": null,
"model": "flex system fabric si4093 system interconnect module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.7"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "tivoli network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "rlks lkad borrow tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.8"
},
{
"_id": null,
"model": "control center ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.1"
},
{
"_id": null,
"model": "cognos business viewpoint fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "system networking rackswitch g8332",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.21.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.14"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "data studio client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.3"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "multi-enterprise integration gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "rational synergy ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.3"
},
{
"_id": null,
"model": "netezza diagnostics tools",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.2"
},
{
"_id": null,
"model": "tivoli access manager for e-business",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.11"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.8"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "operations analytics predictive insights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-1.3.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.4"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "sterling control center ifix02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.10"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.7"
},
{
"_id": null,
"model": "tivoli directory integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"_id": null,
"model": "system networking rackswitch g8124",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15.0.0.0"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4.0.7"
},
{
"_id": null,
"model": "spss modeler fp1 if006",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "17"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.16"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.2"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.5"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "oncommand api services",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.7.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "40.0.3"
},
{
"_id": null,
"model": "integrated management module ii for bladecenter 1aoo70h-5.40",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.110"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.3"
},
{
"_id": null,
"model": "rational publishing engine",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "ara",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0"
},
{
"_id": null,
"model": "decision optimization center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.7.0.2"
},
{
"_id": null,
"model": "tivoli network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9"
},
{
"_id": null,
"model": "virtual fabric 10gb switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.8.23.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"_id": null,
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "g8264cs si fabric image",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "websphere message broker toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.17"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.11"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.4"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.10"
},
{
"_id": null,
"model": "ccr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.9"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.1"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.51"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.2"
},
{
"_id": null,
"model": "vasa provider for clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.8"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.19"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.6"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.1"
},
{
"_id": null,
"model": "websphere partner gateway advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.3"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "watson explorer annotation administration console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.2"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.2"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.12"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"_id": null,
"model": "integrated management module ii for bladecenter 1aoo",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.4.1"
},
{
"_id": null,
"model": "contact optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.0"
},
{
"_id": null,
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.6"
},
{
"_id": null,
"model": "marketing operations",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"_id": null,
"model": "security appscan source",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3.2"
},
{
"_id": null,
"model": "infosphere data architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.35"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.32"
},
{
"_id": null,
"model": "operational decision manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.3"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"_id": null,
"model": "algo one core",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.12"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "websphere real time sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3920"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.16"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.32"
},
{
"_id": null,
"model": "security identity governance and intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "websphere mq internet pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.01"
},
{
"_id": null,
"model": "ftm for cps",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.1"
},
{
"_id": null,
"model": "explorer for z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6.0.1"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.2.01"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "websphere real time",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "sterling secure proxy ifix04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.0.6"
},
{
"_id": null,
"model": "bigfix security compliance analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0.2"
},
{
"_id": null,
"model": "spss modeler fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "17"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.2.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.4"
},
{
"_id": null,
"model": "security appscan source",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.71"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.2"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "tivoli system automation application manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "35.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.5"
},
{
"_id": null,
"model": "operations analytics predictive insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-1.3.3"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.2"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1100"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"_id": null,
"model": "si4093 image",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16.0.0.2"
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "websphere application server for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"_id": null,
"model": "websphere service registry and repository studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.10"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.6"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.5"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.14"
},
{
"_id": null,
"model": "system networking rackswitch g8332",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.22.0"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "tivoli system automation for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.1"
},
{
"_id": null,
"model": "infosphere data architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.03"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "9.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.111"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.18"
},
{
"_id": null,
"model": "websphere real time sr fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3930"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.0.1"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.4"
},
{
"_id": null,
"model": "marketing platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.01"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.0.9"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "37.0.1"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "fabric operating system 7.4.1a",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15.0.0.3"
},
{
"_id": null,
"model": "oncommand performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.15"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.3"
},
{
"_id": null,
"model": "websphere partner gateway enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.3"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.5"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.4"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"_id": null,
"model": "ds8000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3"
},
{
"_id": null,
"model": "decision optimization center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8.0.2"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.6"
},
{
"_id": null,
"model": "tivoli composite application manager for soa",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "rlks lkad borrow tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "39.0.3"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2-4"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35001.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.7"
},
{
"_id": null,
"model": "integration toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.41"
},
{
"_id": null,
"model": "flashsystem 9846-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "qradar siem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.4"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.020"
},
{
"_id": null,
"model": "bundle of g8264cs image",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "control center ifix02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.14.2"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.0.6"
},
{
"_id": null,
"model": "cognos command center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.2"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"_id": null,
"model": "operational decision manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.10"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.5.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.3"
},
{
"_id": null,
"model": "security guardium data redaction",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.24"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.1"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.01"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"_id": null,
"model": "cognos command center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "security appscan source",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "b2b advanced communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.4"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "13.0.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.17"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "ilog optimization decision manager enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.7.0.2"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.1.5"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.21"
},
{
"_id": null,
"model": "watson explorer annotation administration console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.2"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.6"
},
{
"_id": null,
"model": "spss modeler fp3 if013",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9.3"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.7"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.802"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.17.1"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "b-type san switches",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "spss modeler fp2 if001",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.2"
},
{
"_id": null,
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.20.2"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"_id": null,
"model": "plug-in for symantec netbackup",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "websphere mq internet pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.12"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "purepower integrated manager kvm host",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.9"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.5.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.3.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.1"
},
{
"_id": null,
"model": "flex system en2092 1gb ethernet scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.1.1"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "security appscan source",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6.1"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.404"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.12"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.1"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "20.0.1"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.19"
},
{
"_id": null,
"model": "db2 recovery expert for linux unix and windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.16"
},
{
"_id": null,
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14.01"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1000"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.4.1"
},
{
"_id": null,
"model": "operations analytics predictive insights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-1.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.7"
},
{
"_id": null,
"model": "decision optimization center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8"
},
{
"_id": null,
"model": "db2 recovery expert for linux unix and windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "spss modeler fp3 if028",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "14.2"
},
{
"_id": null,
"model": "security appscan source",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.2"
},
{
"_id": null,
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.19"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.2"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.8"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.8"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.7"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.41"
},
{
"_id": null,
"model": "tivoli network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "client application access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.1"
},
{
"_id": null,
"model": "e-series/ef-series santricity management plug-ins",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "websphere partner gateway advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.8"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.2"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.11"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4.2"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.3"
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.88"
},
{
"_id": null,
"model": "tivoli storage manager client management services",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.200"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.11"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.5"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.6.0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "20.0"
},
{
"_id": null,
"model": "enterprise linux server eus 6.7.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.1.1"
},
{
"_id": null,
"model": "websphere extreme scale",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.0.13"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.3"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15.0.0.1"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.3"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.1.8"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.4"
},
{
"_id": null,
"model": "tivoli network manager if0002 ip editio",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.7"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1.0"
},
{
"_id": null,
"model": "spss modeler fp3 if023",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "14.2"
},
{
"_id": null,
"model": "system networking rackswitch g8124-e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "qradar incident forensics",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.9"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.1"
},
{
"_id": null,
"model": "rational publishing engine",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.2.04"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.18"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.10"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "25.0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.1"
},
{
"_id": null,
"model": "predictive insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.18"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9.1"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.6.0.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.8"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.54"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.2.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.8"
},
{
"_id": null,
"model": "websphere datapower xc10 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.2"
},
{
"_id": null,
"model": "integrated management module ii for flex systems 1aoo",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.6"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.18"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.6"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "filenet content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.07"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.4"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "17.0"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.0"
},
{
"_id": null,
"model": "system networking rackswitch g8124",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "mq light",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "infosphere data architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"_id": null,
"model": "virtual fabric 10gb switch module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.8.24.0"
},
{
"_id": null,
"model": "control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.14"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5.0.6"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "control center 6.0.0.1ifix01",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.9.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.19"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.15"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1.1"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.303"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.9"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.12"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"_id": null,
"model": "flashsystem 9843-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.0"
},
{
"_id": null,
"model": "tivoli asset discovery for distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6.0.1"
},
{
"_id": null,
"model": "rbac user creator for data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.25"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.4"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "flashsystem 9848-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.25"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.16"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "filenet eprocess",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"_id": null,
"model": "directory server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.0"
},
{
"_id": null,
"model": "sterling control center ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.41"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.5"
},
{
"_id": null,
"model": "operations analytics predictive insights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-1.3.2"
},
{
"_id": null,
"model": "marketing operations",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.7.5"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "websphere appliance management center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.87"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.1"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.3"
},
{
"_id": null,
"model": "security siteprotector system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.1"
},
{
"_id": null,
"model": "tivoli storage manageroperations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.100"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.5"
},
{
"_id": null,
"model": "os image for aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.4.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"_id": null,
"model": "websphere extreme scale",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"_id": null,
"model": "rational developer for c/c++",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.7"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "spss modeler fp3 if016",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.4"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.14.3"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "multi-enterprise integration gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.11"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.8"
},
{
"_id": null,
"model": "fabric manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.04.0048"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.7"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "marketing operations",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.32"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.10"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.0"
},
{
"_id": null,
"model": "websphere real time sr7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.5"
},
{
"_id": null,
"model": "tivoli netcool/omnibus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.3"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.22"
},
{
"_id": null,
"model": "ara",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.9.1"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.1.23"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.3.1"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.1.0"
},
{
"_id": null,
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.51"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.7.7"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.37"
},
{
"_id": null,
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.10"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.5"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "cognos command center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.3"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.8.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.4"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.303"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "18.0.1"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.2.200"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "sterling secure proxy ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.3"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.11"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.1"
},
{
"_id": null,
"model": "contact optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.7"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.5"
},
{
"_id": null,
"model": "algo one core",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.02"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.5"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.6"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "websphere real time",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "tivoli network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"_id": null,
"model": "1/10gb uplink ethernet switch module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.14.0"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0"
},
{
"_id": null,
"model": "rational synergy ifix02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.3"
},
{
"_id": null,
"model": "filenet content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.6.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.4"
},
{
"_id": null,
"model": "spss modeler fp3 if011",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.15.5"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.7"
},
{
"_id": null,
"model": "marketing platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4"
},
{
"_id": null,
"model": "system networking rackswitch g8124",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.6.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.10"
},
{
"_id": null,
"model": "qradar incident forensics",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "linux enterprise module for legacy software",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "tivoli system automation for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.11"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.46"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.21"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.10"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.44"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.9"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.12"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.200"
},
{
"_id": null,
"model": "data studio client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.0"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "15.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.3"
},
{
"_id": null,
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.5"
},
{
"_id": null,
"model": "smartcloud entry jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.55"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.212"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0"
},
{
"_id": null,
"model": "snapcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "tivoli system automation application manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.2"
},
{
"_id": null,
"model": "sterling control center ifix04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.2.1"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "39"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.17"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8"
},
{
"_id": null,
"model": "enterprise linux hpc node supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.7"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "websphere real time sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3810"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.2"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.5"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.10"
},
{
"_id": null,
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.132"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.14.1"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "sterling control center ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.1.0"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.1.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.021"
},
{
"_id": null,
"model": "websphere partner gateway advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.4"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.16.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "34"
},
{
"_id": null,
"model": "contact optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "websphere mq internet pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.302"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.12"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.3"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "security appscan source",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.1.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.9"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.4"
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.0.67"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "29.0.1"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.5.0.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.02"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "firefox esr",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.5.2"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.4"
},
{
"_id": null,
"model": "infosphere data architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.20.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "sterling control center ifix02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.34"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"_id": null,
"model": "tivoli netcool configuration manager if001",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.3"
},
{
"_id": null,
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.3"
},
{
"_id": null,
"model": "contact optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.029"
},
{
"_id": null,
"model": "integrated management module ii for system 1aoo70h-5.40",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "x"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.6"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.2"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.7.1"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "36.0.4"
},
{
"_id": null,
"model": "ilog optimization decision manager enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.24"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.4.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.4"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.6"
},
{
"_id": null,
"model": "spss collaboration and deployment services",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for luw",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.28"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.14.4"
},
{
"_id": null,
"model": "directory server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.7"
},
{
"_id": null,
"model": "fibre channel switch",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "22.0"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "37.0.2"
},
{
"_id": null,
"model": "qradar siem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.11"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.52"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"_id": null,
"model": "marketing operations",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "40"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "33"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"_id": null,
"model": "system networking rackswitch g8264cs",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.3"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.27"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.1"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.6"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.10.1"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "spss collaboration and deployment services",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.3"
},
{
"_id": null,
"model": "system networking rackswitch g8124-e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.15.4"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.1"
},
{
"_id": null,
"model": "cloud manager with openstack interix fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.7"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "18.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.2"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.2"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.13"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.1"
},
{
"_id": null,
"model": "rational developer for c/c++",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.24"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.13.4"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.0"
},
{
"_id": null,
"model": "tivoli netcool configuration manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.2.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.1.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "8.0.1"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.1"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.0"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.3"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.19"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"_id": null,
"model": "websphere partner gateway enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1"
},
{
"_id": null,
"model": "websphere application server for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.4"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.3"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.33"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.1"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.3"
},
{
"_id": null,
"model": "bundle of g8264cs image",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "os image for aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.31"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.2"
},
{
"_id": null,
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "26.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.10"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"_id": null,
"model": "qradar incident forensics patch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.62"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.5"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.0"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.6.0.3"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.10"
},
{
"_id": null,
"model": "system networking rackswitch g8264t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.23"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.4"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.26"
},
{
"_id": null,
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.6"
},
{
"_id": null,
"model": "omnifind enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.5"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.2"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.16.2.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9.2"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"_id": null,
"model": "os image for red hat",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"_id": null,
"model": "algo one core",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.9"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.3"
},
{
"_id": null,
"model": "snapmanager for sharepoint",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.3"
},
{
"_id": null,
"model": "qradar siem mr2 patch if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.112"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "websphere ilog jrules",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "filenet content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.26"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.10"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.4"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.01"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.3.1"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "watson explorer analytical components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.0"
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.11"
},
{
"_id": null,
"model": "flex system en2092 1gb ethernet scalable switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.8"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.18"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.01"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.5"
},
{
"_id": null,
"model": "tivoli storage manager client management services",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2"
},
{
"_id": null,
"model": "tivoli directory integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.8"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.0.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.10"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.2"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.6.0"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.31"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.6"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.5"
},
{
"_id": null,
"model": "websphere mq internet pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.8"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.8"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.1"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "32.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "tivoli system automation application manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "spss analytic server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.1"
},
{
"_id": null,
"model": "flex system chassis management module 2pet14c-2.5.5c",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.7"
},
{
"_id": null,
"model": "contact optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.4"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"_id": null,
"model": "integrated management module ii for flex systems 1aoo70h-5.40",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.22"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.9"
},
{
"_id": null,
"model": "websphere datapower xc10 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.9"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.7"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.18"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.803"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.6.1"
},
{
"_id": null,
"model": "security siteprotector system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.13"
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.22"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "rational synergy ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.4"
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.16.0"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.5.0.1"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "28.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.2"
},
{
"_id": null,
"model": "websphere real time sr7 fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for luw",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"_id": null,
"model": "websphere extreme scale",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.0.2"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.19"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.25"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.13.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.8"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"_id": null,
"model": "tivoli netcool/omnibus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16.0.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.1"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.15.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.8"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0"
},
{
"_id": null,
"model": "sterling control center ifix04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.0.1"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.3"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for luw",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "15.0"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1000"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "19.0.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.311"
},
{
"_id": null,
"model": "contact optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "rational developer for c/c++",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.3"
},
{
"_id": null,
"model": "ccr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0"
},
{
"_id": null,
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "43.0.2"
},
{
"_id": null,
"model": "system networking rackswitch g8124-e",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.6.0"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.14"
},
{
"_id": null,
"model": "tivoli netcool configuration manager if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.6003"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.3"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.5"
},
{
"_id": null,
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "spss modeler fp2 if006",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.14"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.0.66"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.12"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.3"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "watson explorer annotation administration console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.03"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.0"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.7"
},
{
"_id": null,
"model": "ftm for cps",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.2"
},
{
"_id": null,
"model": "lotus widget factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"_id": null,
"model": "sterling control center ifix06",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.2.1"
},
{
"_id": null,
"model": "tivoli access manager for e-business",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.10"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.32"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.8"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.14"
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.2.05"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"_id": null,
"model": "jrockit r28.3.8",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.6"
},
{
"_id": null,
"model": "websphere partner gateway enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.7"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.4.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "18.0"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.2"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5.0.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "rational synergy ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.7"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.7"
},
{
"_id": null,
"model": "1/10gb uplink ethernet switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.8.23.0"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "spss modeler fp3 if025",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "14.2"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.11"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.5"
},
{
"_id": null,
"model": "ccr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "installation manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.8.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7"
},
{
"_id": null,
"model": "websphere real time sr5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "sterling control center ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.2.1"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for luw",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "30.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5"
},
{
"_id": null,
"model": "spss modeler fp1 if021",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "17"
},
{
"_id": null,
"model": "smartcloud entry jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.34"
},
{
"_id": null,
"model": "websphere real time sr8 fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.3"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.15.3.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.10"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.12"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.5"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "os image for red hat",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "flashsystem 9848-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "28.0.1"
},
{
"_id": null,
"model": "tivoli network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "tivoli storage manager client management service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.000"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.0"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.2"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.5"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.2.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "25.0.1"
},
{
"_id": null,
"model": "security access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "29.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.2"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "b2b advanced communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.3"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6"
},
{
"_id": null,
"model": "rational publishing engine",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.10"
},
{
"_id": null,
"model": "decision optimization center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "websphere partner gateway advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.2"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.3"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.10"
},
{
"_id": null,
"model": "control center 6.0.0.0ifix03",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.6"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.1.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.8"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "cognos business viewpoint fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.1"
},
{
"_id": null,
"model": "cognos command center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.23"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.6"
},
{
"_id": null,
"model": "flex system chassis management module 2pet",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.7"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.5"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.11"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "tivoli netcool/omnibus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"_id": null,
"model": "predictive insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.8"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"_id": null,
"model": "system networking rackswitch g8316",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.16.0"
},
{
"_id": null,
"model": "flex system fabric si4093 system interconnect module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.16"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "control center ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.1"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.2"
},
{
"_id": null,
"model": "security directory integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "host on-demand",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.19"
},
{
"_id": null,
"model": "sterling connect:direct ftp+",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "tivoli system automation for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.1"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.1"
},
{
"_id": null,
"model": "websphere service registry and repository studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "17.0.0.1"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "virtual storage console for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "spectrum scale",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.50"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0.1"
},
{
"_id": null,
"model": "b-type san directors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.6"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.7"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14.0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.16"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.0.2"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.12"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.9"
},
{
"_id": null,
"model": "content foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.0"
},
{
"_id": null,
"model": "mq light",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.85"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.32"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"_id": null,
"model": "data studio client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "13.0"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.6.0.3"
},
{
"_id": null,
"model": "snapcenter plug-in for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.2"
},
{
"_id": null,
"model": "license metric tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.5.1"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.27"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "g8264cs si fabric image",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.7.2"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli access manager for e-business",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "websphere operational decision management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "system networking rackswitch g8124",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.16.0"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.17"
},
{
"_id": null,
"model": "purepower integrated manager appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.9"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "7-mode transition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.13"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "27.0"
},
{
"_id": null,
"model": "fabric operating system 7.4.1c",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.8"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.5"
},
{
"_id": null,
"model": "marketing platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.0.1"
},
{
"_id": null,
"model": "rational developer for c/c++",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.3"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.405"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.19"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.4"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "14.2"
},
{
"_id": null,
"model": "websphere partner gateway enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"_id": null,
"model": "websphere extreme scale",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.32"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.9"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.5"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.15.1"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.1.8"
},
{
"_id": null,
"model": "websphere lombardi edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.7"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.4"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.51"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.23"
},
{
"_id": null,
"model": "purepower integrated manager power vc appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.13"
},
{
"_id": null,
"model": "websphere real time sr6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.6"
},
{
"_id": null,
"model": "predictive insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "b2b advanced communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.2"
},
{
"_id": null,
"model": "infosphere biginsights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.2"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.14"
},
{
"_id": null,
"model": "websphere real time sr4-fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "rational developer for c/c++",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.16"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.0"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5.0.6"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.5"
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.2.06"
},
{
"_id": null,
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.2"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.4"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.1.4"
},
{
"_id": null,
"model": "ilog optimization decision manager enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.11"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.9"
},
{
"_id": null,
"model": "data studio client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "8.0"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.11"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.1.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.6"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.21"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.7"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "12.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.07"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.3.0"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.8"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.3"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.2000"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.2"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.13"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.1"
},
{
"_id": null,
"model": "spss modeler fp2 if013",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16"
},
{
"_id": null,
"model": "si4093 image",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.3"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.17"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.8"
},
{
"_id": null,
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "filenet business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.2.02"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "infosphere data architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.7"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "41.0.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.1.1"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.15"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "oncommand cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.3"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.1"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.6"
},
{
"_id": null,
"model": "ilog optimization decision manager enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4.0.7"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.15"
},
{
"_id": null,
"model": "integrated management module ii for system 1aoo",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.11"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "36"
},
{
"_id": null,
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.1"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.3"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.1"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.1"
},
{
"_id": null,
"model": "watson explorer analytical components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.0"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"_id": null,
"model": "operational decision manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "19.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.12"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.17"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.2"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15.0"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.17"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.12"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.3"
},
{
"_id": null,
"model": "flashsystem 9846-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "system networking rackswitch g8264cs",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.4"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.17.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.16"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"_id": null,
"model": "tivoli system automation application manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "content foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.16"
},
{
"_id": null,
"model": "spss analytic server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.10"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.21"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "19.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14.0.1"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "marketing operations",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"_id": null,
"model": "netezza diagnostics tools",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.1"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.26"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "32.0.3"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.1"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.4"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.7"
},
{
"_id": null,
"model": "cognos command center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.4"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"_id": null,
"model": "decision optimization center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.7"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9"
},
{
"_id": null,
"model": "rational publishing engine",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.10"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "sterling secure proxy ifix05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.0.6"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.28"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.0.6"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "rational developer for c/c++",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.39"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.2.0"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "1/10gb uplink ethernet switch module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.8.24.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.3"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.24"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.4"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.8"
},
{
"_id": null,
"model": "omnifind enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "security appscan source",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4.0.7"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16.0.0.0"
},
{
"_id": null,
"model": "marketing platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2.1"
},
{
"_id": null,
"model": "websphere real time sr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "39"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"_id": null,
"model": "mq appliance m2000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.3"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.0"
},
{
"_id": null,
"model": "websphere service registry and repository studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.3"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "23.0"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.86"
},
{
"_id": null,
"model": "system networking rackswitch g8264t",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.16.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.6"
},
{
"_id": null,
"model": "1/10gb uplink ethernet switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.13.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.15.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.19"
},
{
"_id": null,
"model": "virtual fabric 10gb switch module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.10.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.1.8"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.7"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.1"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.3"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.0.3"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "snapcenter plug-in for microsoft sql server",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.6"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.12"
},
{
"_id": null,
"model": "packaging utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.8.4"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.5.3"
},
{
"_id": null,
"model": "websphere service registry and repository studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.16.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.19"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.16"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.3.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.10"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.2.1"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"_id": null,
"model": "watson explorer annotation administration console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.3"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.4"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.6"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"_id": null,
"model": "virtual fabric 10gb switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.9.0"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.9"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "23.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.9"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "34.0.5"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5.0"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "21.0"
},
{
"_id": null,
"model": "operational decision manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "mq light",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "marketing platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"_id": null,
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.2"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.18"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.2"
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.1.237"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.18"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.35"
},
{
"_id": null,
"model": "data studio client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.5"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.14"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.7"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.3"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.12"
},
{
"_id": null,
"model": "oncommand unified manager for clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "6.0"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "filenet business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.1"
},
{
"_id": null,
"model": "spss collaboration and deployment services",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "storage services connector",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.1.1"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.0"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "watson explorer analytical components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1"
},
{
"_id": null,
"model": "websphere real time sr9 fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.8"
},
{
"_id": null,
"model": "infosphere biginsights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.01"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.33"
},
{
"_id": null,
"model": "system networking rackswitch g8124-e",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.16.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "websphere business events",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.34"
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5.0.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.14.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.8"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15.0.0.2"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.010"
}
],
"sources": [
{
"db": "BID",
"id": "79684"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
},
{
"db": "NVD",
"id": "CVE-2015-7575"
}
]
},
"credits": {
"_id": null,
"data": "Karthikeyan Bhargavan",
"sources": [
{
"db": "BID",
"id": "79684"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
}
],
"trust": 0.9
},
"cve": "CVE-2015-7575",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7575",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2015-7575",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7575",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-603",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-7575",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7575"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
},
{
"db": "NVD",
"id": "CVE-2015-7575"
}
]
},
"description": {
"_id": null,
"data": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision. Mozilla Network Security Services is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks. \nThis issue is fixed in:\nFirefox 43.0.2\nFirefox ESR 38.5.2\nNetwork Security Services 3.20.2. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201801-15\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: PolarSSL: Multiple vulnerabilities\n Date: January 15, 2018\n Bugs: #537108, #620504\n ID: 201801-15\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in PolarSSL, the worst of\nwhich may allow remote attackers to execute arbitrary code. \n\nBackground\n==========\n\nPolarSSL is a cryptographic library for embedded systems. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-libs/polarssl \u003c 1.3.9-r1 Vulnerable!\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in PolarSSL. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker might be able to execute arbitrary code, cause Denial\nof Service condition or obtain sensitive information. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nGentoo has discontinued support for PolarSSL and recommends that users\nunmerge the package:\n\n # emerge --unmerge \"net-libs/polarssl\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-1182\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1182\n[ 2 ] CVE-2015-7575\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7575\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201801-15\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2018 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n\n\n--Ph5IIMEQMv2VnlKUQ7M7LCqtbxvbmuakb--\n\n. ==========================================================================\nUbuntu Security Notice USN-2863-1\nJanuary 07, 2016\n\nopenssl vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n\nSummary:\n\nOpenSSL could be made to expose sensitive information over the network. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.33\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. Description:\n\nIBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment\nand the IBM Java Software Development Kit. \n\nThis update fixes several vulnerabilities in the IBM Java Runtime\nEnvironment and the IBM Java Software Development Kit. Further information\nabout these flaws can be found on the IBM Java Security alerts page, listed\nin the References section. (CVE-2015-5041, CVE-2015-7575, CVE-2015-7981,\nCVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0402, CVE-2016-0448,\nCVE-2016-0466, CVE-2016-0483, CVE-2016-0494)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file. Bugs fixed (https://bugzilla.redhat.com/):\n\n1276416 - CVE-2015-7981 libpng: Out-of-bounds read in png_convert_to_rfc1123\n1281756 - CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions\n1289841 - CVE-2015-7575 TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)\n1291312 - CVE-2015-8540 libpng: underflow read in png_check_keyword()\n1298906 - CVE-2016-0494 ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)\n1298957 - CVE-2016-0402 OpenJDK: URL deserialization inconsistencies (Networking, 8059054)\n1299073 - CVE-2016-0448 OpenJDK: logging of RMI connection secrets (JMX, 8130710)\n1299385 - CVE-2016-0466 OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962)\n1299441 - CVE-2016-0483 OpenJDK: incorrect boundary check in JPEG decoder (AWT, 8139017)\n1302689 - CVE-2015-5041 IBM JDK: J9 JVM allows code to invoke non-public interface methods\n\n6. \n\nBackground\n==========\n\nmbed TLS (previously PolarSSL) is an \"easy to understand, use,\nintegrate and expand\" implementation of the TLS and SSL protocols and\nthe respective cryptographic algorithms and support code required. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n--meXqunA8BhEhIM1DNPs3RlHKbtgWVCnXm--\n\n. \n\nMore information can be found at\nhttps://www.mitls.org/pages/attacks/SLOTH\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.0.1e-2+deb7u19. \n\nFor the stable distribution (jessie), the testing distribution (stretch)\nand the unstable distribution (sid), this issue was already addressed in\nversion 1.0.1f-1. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: openssl security update\nAdvisory ID: RHSA-2016:0008-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0008.html\nIssue date: 2016-01-07\nUpdated on: 2016-01-08\nCVE Names: CVE-2015-7575 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix one security issue are now available for\nRed Hat Enterprise Linux 6 and 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. \n\nA flaw was found in the way TLS 1.2 could use the MD5 hash function for\nsigning ServerKeyExchange and Client Authentication packets during a TLS\nhandshake. A man-in-the-middle attacker able to force a TLS connection to\nuse the MD5 hash function could use this flaw to conduct collision attacks\nto impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1289841 - CVE-2015-7575 TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-42.el6_7.2.src.rpm\n\ni386:\nopenssl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-static-1.0.1e-42.el6_7.2.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-static-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-42.el6_7.2.src.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-static-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-42.el6_7.2.src.rpm\n\ni386:\nopenssl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.i686.rpm\n\nppc64:\nopenssl-1.0.1e-42.el6_7.2.ppc.rpm\nopenssl-1.0.1e-42.el6_7.2.ppc64.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.ppc.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.ppc64.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.ppc.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-42.el6_7.2.s390.rpm\nopenssl-1.0.1e-42.el6_7.2.s390x.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.s390.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.s390x.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.s390.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-static-1.0.1e-42.el6_7.2.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.ppc64.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.ppc64.rpm\nopenssl-static-1.0.1e-42.el6_7.2.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.s390x.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.s390x.rpm\nopenssl-static-1.0.1e-42.el6_7.2.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-static-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-42.el6_7.2.src.rpm\n\ni386:\nopenssl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-static-1.0.1e-42.el6_7.2.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-static-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.2.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.2.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.2.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.2.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.2.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.2.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.2.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.2.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.2.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.2.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.2.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.2.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.2.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.2.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.2.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.2.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.2.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.2.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-7575\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/articles/2112261\nhttp://www.mitls.org/pages/attacks/SLOTH\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWjy/pXlSAg2UNWIIRAuxtAKCKQ2VxTXABN4fn+b0MiLythds2GACfe3fA\nFZkb9bdxBhbyQJXSgVOJ3BA=\n=k57I\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7575"
},
{
"db": "BID",
"id": "79684"
},
{
"db": "VULMON",
"id": "CVE-2015-7575"
},
{
"db": "PACKETSTORM",
"id": "145895"
},
{
"db": "PACKETSTORM",
"id": "135556"
},
{
"db": "PACKETSTORM",
"id": "135166"
},
{
"db": "PACKETSTORM",
"id": "135557"
},
{
"db": "PACKETSTORM",
"id": "143032"
},
{
"db": "PACKETSTORM",
"id": "135210"
},
{
"db": "PACKETSTORM",
"id": "135341"
},
{
"db": "PACKETSTORM",
"id": "135178"
},
{
"db": "PACKETSTORM",
"id": "135177"
}
],
"trust": 2.07
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-7575",
"trust": 2.9
},
{
"db": "BID",
"id": "79684",
"trust": 1.4
},
{
"db": "BID",
"id": "91787",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1036467",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1034541",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2015-7575",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145895",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135556",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135166",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135557",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143032",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135210",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135341",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135178",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135177",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7575"
},
{
"db": "BID",
"id": "79684"
},
{
"db": "PACKETSTORM",
"id": "145895"
},
{
"db": "PACKETSTORM",
"id": "135556"
},
{
"db": "PACKETSTORM",
"id": "135166"
},
{
"db": "PACKETSTORM",
"id": "135557"
},
{
"db": "PACKETSTORM",
"id": "143032"
},
{
"db": "PACKETSTORM",
"id": "135210"
},
{
"db": "PACKETSTORM",
"id": "135341"
},
{
"db": "PACKETSTORM",
"id": "135178"
},
{
"db": "PACKETSTORM",
"id": "135177"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
},
{
"db": "NVD",
"id": "CVE-2015-7575"
}
]
},
"id": "VAR-201601-0016",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.42407408333333335
},
"last_update_date": "2026-03-03T21:51:15.603000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Mozilla Firefox and Firefox ESR Network Security Services Repair measures for security bypass vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59354"
},
{
"title": "Red Hat: Moderate: nss security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20160007 - Security Advisory"
},
{
"title": "Red Hat: Moderate: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20160008 - Security Advisory"
},
{
"title": "Red Hat: Moderate: gnutls security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20160012 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: openssl vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2863-1"
},
{
"title": "Ubuntu Security Notice: nss vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2864-1"
},
{
"title": "Debian Security Advisories: DSA-3437-1 gnutls26 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=819c25e4161d9c59fbf9d403120315be"
},
{
"title": "Ubuntu Security Notice: gnutls26, gnutls28 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2865-1"
},
{
"title": "Ubuntu Security Notice: firefox vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2866-1"
},
{
"title": "Debian Security Advisories: DSA-3436-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=07247103b9fb762bfde68fed155965f3"
},
{
"title": "Amazon Linux AMI: ALAS-2016-651",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-651"
},
{
"title": "Amazon Linux AMI: ALAS-2016-645",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-645"
},
{
"title": "Mozilla: Mozilla Foundation Security Advisory 2015-150",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories\u0026qid=2015-150"
},
{
"title": "Red Hat: CVE-2015-7575",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-7575"
},
{
"title": "Debian Security Advisories: DSA-3457-1 iceweasel -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=d48a126fa6377735d59aba73766b6a48"
},
{
"title": "Ubuntu Security Notice: thunderbird vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2904-1"
},
{
"title": "Symantec Security Advisories: SA108 : Transcript Collision Attacks Against TLS 1.2 (SLOTH)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=0c68b89195c7cccd63c86c9e03beac4b"
},
{
"title": "Debian Security Advisories: DSA-3491-1 icedove -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=4a77c8f35d141b32b86ffec7b9604cd1"
},
{
"title": "Ubuntu Security Notice: openjdk-7 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2884-1"
},
{
"title": "Tenable Security Advisories: [R7] OpenSSL \u002720151203\u0027 Advisory Affects Tenable SecurityCenter",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-01"
},
{
"title": "Debian Security Advisories: DSA-3458-1 openjdk-7 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=40831417d121ab10d4dc7fc0d8144eac"
},
{
"title": "Debian Security Advisories: DSA-3465-1 openjdk-6 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=28d9723420cf12ab64c1ab4b2dc2c045"
},
{
"title": "Amazon Linux AMI: ALAS-2016-643",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-643"
},
{
"title": "Amazon Linux AMI: ALAS-2016-661",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-661"
},
{
"title": "Amazon Linux AMI: ALAS-2016-647",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-647"
},
{
"title": "Debian Security Advisories: DSA-3688-1 nss -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=373dcfd6d281e203a1b020510989c2b1"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=8ad80411af3e936eb2998df70506cc71"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6839c4d3fd328571c675c335d58b5591"
},
{
"title": "IBM: Security Bulletin: Multiple vulnerabilities in IBM Java affect IBM Netezza Analytics for NPS",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c36fc403a4c2c6439b732d2fca738f58"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=122319027ae43d6d626710f1b1bb1d43"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=63802a6c83b107c4e6e0c7f9241a66a8"
},
{
"title": "satellite-host-cve",
"trust": 0.1,
"url": "https://github.com/RedHatSatellite/satellite-host-cve "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7575"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-19",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7575"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/79684"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0056.html"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2863-1"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2865-1"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201706-18"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201801-15"
},
{
"trust": 1.1,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1158489"
},
{
"trust": 1.1,
"url": "https://developer.mozilla.org/docs/mozilla/projects/nss/nss_3.20.2_release_notes"
},
{
"trust": 1.1,
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-150.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2884-1"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2016:1430"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2904-1"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3465"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0053.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0054.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0049.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3457"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3491"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0055.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0050.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3437"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3458"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2866-1"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3436"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034541"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2864-1"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1036467"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3688"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20160225-0001/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7575"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-affect-ibm-netezza-analytics/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-affect-ibm-netezza-analytics-for-nps/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-jre-8-0-1-1-affect-ibm-netezza-platform-software-clients/"
},
{
"trust": 0.4,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0008.html"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-7575"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.3,
"url": "http://www.mozilla.com/en-us/"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/projects/security/pki/nss/"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/nettcp_advisory2.asc"
},
{
"trust": 0.3,
"url": "https://kb.netapp.com/support/index?page=content\u0026id=9010065\u0026actp=rss"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=nas8n1021096"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=nas8n1021133"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974599"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974776"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974922"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21975233"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975893"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975980"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21976006"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976117"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976169"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21976265"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21976339"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21976527"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976852"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976867"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976868"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976926"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977005"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21977045"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977047"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21977054"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977135"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21977202"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977225"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21977244"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/java_jan2016_advisory.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023250"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023284"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023292"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023364"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023378"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023408"
},
{
"trust": 0.3,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2015-150/"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099195"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099200"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099203"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099210"
},
{
"trust": 0.3,
"url": " https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099293"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0012.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982337"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory16.asc"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0007.html"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21979528"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099196"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976573"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978310"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980379"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974637"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099390"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21979761"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005583"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005584"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005585"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005588"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005673"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005690"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005722"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005735"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972468"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972469"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974192"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974194"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974473"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974643"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974808"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974877"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974888"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974958"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974965"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975410"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975424"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975573"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975785"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975820"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975823"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975832"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975835"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975877"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975929"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975930"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976042"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976080"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976113"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976217"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976276"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976341"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976362"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976366"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976442"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976476"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976483"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976545"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976553"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976569"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976631"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976678"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976733"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976763"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976765"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976768"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976813"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976840"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976842"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976844"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976845"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976854"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976855"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976869"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976886"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976888"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976894"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976896"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976925"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976947"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976957"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977021"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977127"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977129 "
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977347"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977407"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977517"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977518"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977523"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977575"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977618"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977646"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977647"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977664"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977838"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977880"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978008"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978026"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978188"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979194"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979412"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979757"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980965"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981333"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981540"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982445"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982446"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21984483"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099197 "
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0448"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8472"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0448"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0466"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-8126"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8126"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0483"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0483"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0402"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0494"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0466"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0402"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-8472"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0494"
},
{
"trust": 0.2,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7575"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.2,
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5041"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-5041"
},
{
"trust": 0.2,
"url": "https://www.mitls.org/pages/attacks/sloth"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/19.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2016:0007"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2863-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=42929"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1182"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1182"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0475"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0098.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0475"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.33"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0099.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-8540"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-7981"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8540"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5291"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2784"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2784"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5291"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#appendixjava"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/2112261"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/gnutls26/2.12.14-5ubuntu3.11"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/gnutls26/2.12.23-12ubuntu2.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/gnutls28/3.3.8-3ubuntu3.2"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7575"
},
{
"db": "BID",
"id": "79684"
},
{
"db": "PACKETSTORM",
"id": "145895"
},
{
"db": "PACKETSTORM",
"id": "135556"
},
{
"db": "PACKETSTORM",
"id": "135166"
},
{
"db": "PACKETSTORM",
"id": "135557"
},
{
"db": "PACKETSTORM",
"id": "143032"
},
{
"db": "PACKETSTORM",
"id": "135210"
},
{
"db": "PACKETSTORM",
"id": "135341"
},
{
"db": "PACKETSTORM",
"id": "135178"
},
{
"db": "PACKETSTORM",
"id": "135177"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
},
{
"db": "NVD",
"id": "CVE-2015-7575"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2015-7575",
"ident": null
},
{
"db": "BID",
"id": "79684",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145895",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135556",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135166",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135557",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "143032",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135210",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135341",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135178",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135177",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-7575",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-01-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7575",
"ident": null
},
{
"date": "2015-12-22T00:00:00",
"db": "BID",
"id": "79684",
"ident": null
},
{
"date": "2018-01-15T16:13:03",
"db": "PACKETSTORM",
"id": "145895",
"ident": null
},
{
"date": "2016-02-02T16:44:07",
"db": "PACKETSTORM",
"id": "135556",
"ident": null
},
{
"date": "2016-01-07T19:23:00",
"db": "PACKETSTORM",
"id": "135166",
"ident": null
},
{
"date": "2016-02-02T16:44:12",
"db": "PACKETSTORM",
"id": "135557",
"ident": null
},
{
"date": "2017-06-20T22:26:17",
"db": "PACKETSTORM",
"id": "143032",
"ident": null
},
{
"date": "2016-01-11T16:57:40",
"db": "PACKETSTORM",
"id": "135210",
"ident": null
},
{
"date": "2016-01-21T14:47:53",
"db": "PACKETSTORM",
"id": "135341",
"ident": null
},
{
"date": "2016-01-08T15:13:28",
"db": "PACKETSTORM",
"id": "135178",
"ident": null
},
{
"date": "2016-01-08T15:13:18",
"db": "PACKETSTORM",
"id": "135177",
"ident": null
},
{
"date": "2015-12-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-603",
"ident": null
},
{
"date": "2016-01-09T02:59:10.910000",
"db": "NVD",
"id": "CVE-2015-7575",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7575",
"ident": null
},
{
"date": "2016-10-26T02:01:00",
"db": "BID",
"id": "79684",
"ident": null
},
{
"date": "2021-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-603",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-7575",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "145895"
},
{
"db": "PACKETSTORM",
"id": "135166"
},
{
"db": "PACKETSTORM",
"id": "143032"
},
{
"db": "PACKETSTORM",
"id": "135177"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
}
],
"trust": 1.0
},
"title": {
"_id": null,
"data": "Mozilla Firefox and Firefox ESR Network Security Services Permissions and Access Control Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
}
],
"trust": 0.6
}
}
WID-SEC-W-2023-0428
Vulnerability from csaf_certbund - Published: 2016-01-06 23:00 - Updated: 2024-09-01 22:00Summary
Verschiedene TLS-Implementierungen: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Firefox und Mozilla sind Open Source Web Browser. ESR ist die Variante mit verlängertem Support.
Network Security Services (NSS) ist eine Sammlung von Bibliotheken um bei plattform übergreifenden Entwicklungen Securityfunktionalitäten für Clients und Server bereitzustellen.
GnuTLS (GNU Transport Layer Security Library) ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.
OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.
Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).
Die Produkte der Red Hat Enterprise Linux Produktfamilie sind Linux-Distribution der Firma Red Hat.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in verschiedenen TLS-Implementierungen ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme: - Appliance
- Linux
- MacOS X
- Sonstiges
- UNIX
- Windows
Es existiert eine Schwachstelle (SLOOTH) in verschiedenen TLS Implementierungen. Ein entfernter, anonymer Angreifer in einer privilegierten Netzwerkposition kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen. Die Schwachstelle besteht aufgrund der Möglichkeit MD5 Signaturen erzwingen zu können, obwohl diese standardmäßig deaktiviert sind. Eine praktische Umsetzung des Angriffs gilt als unwahrscheinlich, da es dazu nötig wäre eine bösartige Signatur in Echtzeit zu generieren, wobei dies derzeit noch nicht möglich ist.
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source OpenSSL <1.0.1f
Open Source / OpenSSL
|
<1.0.1f | ||
|
SUSE Linux Enterprise Server 11 SP3 LTSS
SUSE / Linux Enterprise Server
|
cpe:/o:suse:linux_enterprise_server:11:sp3:ltss
|
11 SP3 LTSS | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Mozilla Firefox <43.0.2
Mozilla / Firefox
|
<43.0.2 | ||
|
Mozilla NSS <3.20.2
Mozilla / NSS
|
<3.20.2 | ||
|
NetApp Data ONTAP
NetApp
|
cpe:/a:netapp:data_ontap:-
|
— | |
|
Red Hat Enterprise Linux 7
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:7
|
7 | |
|
Mozilla Firefox ESR <38.5.2
Mozilla / Firefox ESR
|
<38.5.2 | ||
|
Red Hat Enterprise Linux 5
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:5
|
5 | |
|
Oracle Java SE <=7u79
Oracle / Java SE
|
<=7u79 | ||
|
SUSE Linux Enterprise Server 12 SP1
SUSE / Linux Enterprise Server
|
cpe:/o:suse:linux_enterprise_server:12:sp1
|
12 SP1 | |
|
SUSE Linux Enterprise Desktop 12
SUSE / Linux Enterprise Desktop
|
cpe:/o:suse:linux_enterprise_desktop:12
|
12 | |
|
Oracle Java SE <=8u66
Oracle / Java SE
|
<=8u66 | ||
|
SUSE Linux Enterprise Server 12
SUSE / Linux Enterprise Server
|
cpe:/o:suse:linux_enterprise_server:12
|
12 | |
|
SUSE Linux Enterprise Desktop 12 SP1
SUSE / Linux Enterprise Desktop
|
cpe:/o:suse:linux_enterprise_desktop:12:sp1
|
12 SP1 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source GnuTLS <3.3.15
Open Source / GnuTLS
|
<3.3.15 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
HCL Notes
HCL
|
cpe:/a:hcltech:notes:-
|
— | |
|
Red Hat Enterprise Linux 6
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:6
|
6 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
IBM FlashSystem 840
IBM / FlashSystem
|
cpe:/a:ibm:flashsystem:840
|
840 | |
|
IBM Content Manager 8.5
IBM / Content Manager
|
cpe:/a:ibm:content_manager:8.5
|
8.5 |
References
35 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Firefox und Mozilla sind Open Source Web Browser. ESR ist die Variante mit verl\u00e4ngertem Support.\r\nNetwork Security Services (NSS) ist eine Sammlung von Bibliotheken um bei plattform \u00fcbergreifenden Entwicklungen Securityfunktionalit\u00e4ten f\u00fcr Clients und Server bereitzustellen.\r\nGnuTLS (GNU Transport Layer Security Library) ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.\r\nOpenSSL ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.\r\nDie Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).\r\nDie Produkte der Red Hat Enterprise Linux Produktfamilie sind Linux-Distribution der Firma Red Hat.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in verschiedenen TLS-Implementierungen ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance\n- Linux\n- MacOS X\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0428 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2023-0428.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0428 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0428"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2016:0149-1 vom 2016-01-18",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160149-1.html"
},
{
"category": "external",
"summary": "Mozilla Security Advisory MFSA2015-150 vom 2016-01-06",
"url": "https://www.mozilla.org/security/advisories/mfsa2015-150/"
},
{
"category": "external",
"summary": "Security Losses from Obsolete and Truncated Transcript Hashes vom 2016-01-06",
"url": "http://www.mitls.org/pages/attacks/SLOTH"
},
{
"category": "external",
"summary": "GnuTLS Security Advisory GNUTLS-SA-2015-2 vom 2016-01-06",
"url": "http://www.gnutls.org/security.html"
},
{
"category": "external",
"summary": "Red Hat CVE-2015-7575 vom 2016-01-06",
"url": "https://access.redhat.com/security/cve/cve-2015-7575"
},
{
"category": "external",
"summary": "Red Hat Artikel \"SLOTH: TLS 1.2 vulnerability\" vom 2016-01-06",
"url": "https://access.redhat.com/articles/2112261"
},
{
"category": "external",
"summary": "Red Hat Bugzilla Bug 1289841 vom 2016-01-06",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1289841"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2016:0012 vom 2016-01-07",
"url": "https://rhn.redhat.com/errata/RHSA-2016-0012.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2016:0008 vom 2016-01-07",
"url": "https://rhn.redhat.com/errata/RHSA-2016-0008.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2016:0007 vom 2016-01-07",
"url": "https://rhn.redhat.com/errata/RHSA-2016-0007.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-2863-1 vom 2016-01-07",
"url": "http://www.ubuntu.com/usn/usn-2863-1/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-2864-1 vom 2016-01-07",
"url": "http://www.ubuntu.com/usn/usn-2864-1/"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2016:0007 vom 2016-01-07",
"url": "https://lists.centos.org/pipermail/centos-announce/2016-January/021602.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2016:0007 vom 2016-01-07",
"url": "https://lists.centos.org/pipermail/centos-announce/2016-January/021594.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2016:0012 vom 2016-01-07",
"url": "https://lists.centos.org/pipermail/centos-announce/2016-January/021596.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2016:0012 vom 2016-01-07",
"url": "https://lists.centos.org/pipermail/centos-announce/2016-January/021600.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2016:0008 vom 2016-01-07",
"url": "https://lists.centos.org/pipermail/centos-announce/2016-January/021603.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2016:0008 vom 2016-01-07",
"url": "https://lists.centos.org/pipermail/centos-announce/2016-January/021595.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-2865-1 vom 2016-01-08",
"url": "http://www.ubuntu.com/usn/usn-2865-1/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-3436 vom 2016-01-09",
"url": "https://www.debian.org/security/2016/dsa-3436"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-3437 vom 2016-01-09",
"url": "https://www.debian.org/security/2016/dsa-3437"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-2866-1 vom 2016-01-08",
"url": "http://www.ubuntu.com/usn/usn-2866-1/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2016:0189-1 vom 2016-01-21",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160189-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update Announcement ID SUSE-SU-2016:0636-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160636-1.html"
},
{
"category": "external",
"summary": "NetApp Advisory NTAP-20160225-0001",
"url": "https://kb.netapp.com/support/s/article/ka51A00000007A7QAI/cve-2015-7575-tls-vulnerability-in-multiple-netapp-products?language=en_US"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20160225-0001 vom 2018-03-26",
"url": "https://security.netapp.com/advisory/ntap-20160225-0001/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4581 vom 2019-03-13",
"url": "http://linux.oracle.com/errata/ELSA-2019-4581.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4747 vom 2019-08-16",
"url": "http://linux.oracle.com/errata/ELSA-2019-4747.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-9150 vom 2021-04-01",
"url": "https://linux.oracle.com/errata/ELSA-2021-9150.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9272 vom 2022-04-08",
"url": "https://linux.oracle.com/errata/ELSA-2022-9272.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 690961 vom 2023-02-20",
"url": "https://www.ibm.com/support/pages/node/690961"
},
{
"category": "external",
"summary": "IBM Security Bulletin 541867 vom 2024-01-29",
"url": "https://www.ibm.com/support/pages/node/541867"
},
{
"category": "external",
"summary": "HCL Article KB0037995 vom 2024-08-30",
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0037995"
}
],
"source_lang": "en-US",
"title": "Verschiedene TLS-Implementierungen: Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen",
"tracking": {
"current_release_date": "2024-09-01T22:00:00.000+00:00",
"generator": {
"date": "2024-09-02T08:03:30.141+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.6"
}
},
"id": "WID-SEC-W-2023-0428",
"initial_release_date": "2016-01-06T23:00:00.000+00:00",
"revision_history": [
{
"date": "2016-01-06T23:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2016-01-06T23:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-01-06T23:00:00.000+00:00",
"number": "3",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-01-06T23:00:00.000+00:00",
"number": "4",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-01-06T23:00:00.000+00:00",
"number": "5",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-01-10T23:00:00.000+00:00",
"number": "6",
"summary": "New remediations available"
},
{
"date": "2016-01-10T23:00:00.000+00:00",
"number": "7",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-01-18T23:00:00.000+00:00",
"number": "8",
"summary": "New remediations available"
},
{
"date": "2016-01-18T23:00:00.000+00:00",
"number": "9",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-01-21T23:00:00.000+00:00",
"number": "10",
"summary": "New remediations available"
},
{
"date": "2016-01-21T23:00:00.000+00:00",
"number": "11",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-03-03T23:00:00.000+00:00",
"number": "12",
"summary": "New remediations available"
},
{
"date": "2016-03-03T23:00:00.000+00:00",
"number": "13",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-03-03T23:00:00.000+00:00",
"number": "14",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-02-19T23:00:00.000+00:00",
"number": "15",
"summary": "New remediations available"
},
{
"date": "2017-02-19T23:00:00.000+00:00",
"number": "16",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-03-26T22:00:00.000+00:00",
"number": "17",
"summary": "New remediations available"
},
{
"date": "2018-03-26T22:00:00.000+00:00",
"number": "18",
"summary": "Version nicht vorhanden"
},
{
"date": "2019-03-13T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-08-18T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-03-31T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-04-10T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-02-19T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-01-29T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-09-01T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von HCL aufgenommen"
}
],
"status": "final",
"version": "25"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "HCL Notes",
"product": {
"name": "HCL Notes",
"product_id": "T022546",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:notes:-"
}
}
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "8.5",
"product": {
"name": "IBM Content Manager 8.5",
"product_id": "T009584",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:content_manager:8.5"
}
}
}
],
"category": "product_name",
"name": "Content Manager"
},
{
"branches": [
{
"category": "product_version",
"name": "840",
"product": {
"name": "IBM FlashSystem 840",
"product_id": "T026432",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:flashsystem:840"
}
}
}
],
"category": "product_name",
"name": "FlashSystem"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c43.0.2",
"product": {
"name": "Mozilla Firefox \u003c43.0.2",
"product_id": "T006722"
}
},
{
"category": "product_version",
"name": "43.0.2",
"product": {
"name": "Mozilla Firefox 43.0.2",
"product_id": "T006722-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:firefox:43.0.2"
}
}
}
],
"category": "product_name",
"name": "Firefox"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c38.5.2",
"product": {
"name": "Mozilla Firefox ESR \u003c38.5.2",
"product_id": "T006723"
}
},
{
"category": "product_version",
"name": "38.5.2",
"product": {
"name": "Mozilla Firefox ESR 38.5.2",
"product_id": "T006723-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:firefox_esr:38.5.2"
}
}
}
],
"category": "product_name",
"name": "Firefox ESR"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c3.20.2",
"product": {
"name": "Mozilla NSS \u003c3.20.2",
"product_id": "T006724"
}
},
{
"category": "product_version",
"name": "3.20.2",
"product": {
"name": "Mozilla NSS 3.20.2",
"product_id": "T006724-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:network_security_services:3.20.2"
}
}
}
],
"category": "product_name",
"name": "NSS"
}
],
"category": "vendor",
"name": "Mozilla"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp Data ONTAP",
"product": {
"name": "NetApp Data ONTAP",
"product_id": "7654",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:data_ontap:-"
}
}
},
{
"category": "product_name",
"name": "NetApp OnCommand Unified Manager",
"product": {
"name": "NetApp OnCommand Unified Manager",
"product_id": "T009408",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:oncommand_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c3.3.15",
"product": {
"name": "Open Source GnuTLS \u003c3.3.15",
"product_id": "314645"
}
},
{
"category": "product_version",
"name": "3.3.15",
"product": {
"name": "Open Source GnuTLS 3.3.15",
"product_id": "314645-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:gnu:gnutls:3.3.15"
}
}
}
],
"category": "product_name",
"name": "GnuTLS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.0.1f",
"product": {
"name": "Open Source OpenSSL \u003c1.0.1f",
"product_id": "264793"
}
},
{
"category": "product_version",
"name": "1.0.1f",
"product": {
"name": "Open Source OpenSSL 1.0.1f",
"product_id": "264793-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.0.1f"
}
}
}
],
"category": "product_name",
"name": "OpenSSL"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=8u66",
"product": {
"name": "Oracle Java SE \u003c=8u66",
"product_id": "T006725"
}
},
{
"category": "product_version_range",
"name": "\u003c=8u66",
"product": {
"name": "Oracle Java SE \u003c=8u66",
"product_id": "T006725-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=7u79",
"product": {
"name": "Oracle Java SE \u003c=7u79",
"product_id": "T006726"
}
},
{
"category": "product_version_range",
"name": "\u003c=7u79",
"product": {
"name": "Oracle Java SE \u003c=7u79",
"product_id": "T006726-fixed"
}
}
],
"category": "product_name",
"name": "Java SE"
},
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "6",
"product": {
"name": "Red Hat Enterprise Linux 6",
"product_id": "120737",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6"
}
}
},
{
"category": "product_version",
"name": "5",
"product": {
"name": "Red Hat Enterprise Linux 5",
"product_id": "67748",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5"
}
}
},
{
"category": "product_version",
"name": "7",
"product": {
"name": "Red Hat Enterprise Linux 7",
"product_id": "T003303",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "12",
"product": {
"name": "SUSE Linux Enterprise Desktop 12",
"product_id": "T003855",
"product_identification_helper": {
"cpe": "cpe:/o:suse:linux_enterprise_desktop:12"
}
}
},
{
"category": "product_version",
"name": "12 SP1",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "T006804",
"product_identification_helper": {
"cpe": "cpe:/o:suse:linux_enterprise_desktop:12:sp1"
}
}
}
],
"category": "product_name",
"name": "Linux Enterprise Desktop"
},
{
"branches": [
{
"category": "product_version",
"name": "12",
"product": {
"name": "SUSE Linux Enterprise Server 12",
"product_id": "T003856",
"product_identification_helper": {
"cpe": "cpe:/o:suse:linux_enterprise_server:12"
}
}
},
{
"category": "product_version",
"name": "12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1",
"product_id": "T006803",
"product_identification_helper": {
"cpe": "cpe:/o:suse:linux_enterprise_server:12:sp1"
}
}
},
{
"category": "product_version",
"name": "11 SP3 LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3 LTSS",
"product_id": "T007158",
"product_identification_helper": {
"cpe": "cpe:/o:suse:linux_enterprise_server:11:sp3:ltss"
}
}
}
],
"category": "product_name",
"name": "Linux Enterprise Server"
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-7575",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle (SLOOTH) in verschiedenen TLS Implementierungen. Ein entfernter, anonymer Angreifer in einer privilegierten Netzwerkposition kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen. Die Schwachstelle besteht aufgrund der M\u00f6glichkeit MD5 Signaturen erzwingen zu k\u00f6nnen, obwohl diese standardm\u00e4\u00dfig deaktiviert sind. Eine praktische Umsetzung des Angriffs gilt als unwahrscheinlich, da es dazu n\u00f6tig w\u00e4re eine b\u00f6sartige Signatur in Echtzeit zu generieren, wobei dies derzeit noch nicht m\u00f6glich ist."
}
],
"product_status": {
"known_affected": [
"264793",
"T007158",
"T009408",
"T006722",
"T006724",
"7654",
"T003303",
"T006723",
"67748",
"T006726",
"T006803",
"T003855",
"T006725",
"T003856",
"T006804",
"T004914",
"314645",
"2951",
"T000126",
"T022546",
"120737",
"1727",
"T026432",
"T009584"
]
},
"release_date": "2016-01-06T23:00:00.000+00:00",
"title": "CVE-2015-7575"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…