VAR-200611-0210
Vulnerability from variot - Updated: 2025-12-22 20:54The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read. PNG (Portable Network Graphics) Format image processing library libpng In png_set_sPLT() In the function sPLT In the chunk processing code section, PNG There is a problem that memory access violation occurs due to image processing.Web Pre-crafted, installed on site or attached to email png By browsing the file, service operation interruption (DoS) May be in a state. The 'libpng' graphics library is reported prone to a denial-of-service vulnerability. The library fails to perform proper bounds-checking of user-supplied input, which leads to an out-of-bounds read error. Attackers may exploit this vulnerability to crash an application that relies on the affected library. =========================================================== Ubuntu Security Notice USN-383-1 November 16, 2006 libpng vulnerability CVE-2006-5793 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 5.10: libpng10-0 1.0.18-1ubuntu3.1
Ubuntu 6.06 LTS: libpng12-0 1.2.8rel-5ubuntu0.1
Ubuntu 6.10: libpng12-0 1.2.8rel-5.1ubuntu0.1
After a standard system upgrade you need to reboot your computer to effect the necessary changes.
Details follow:
Tavis Ormandy discovered that libpng did not correctly calculate the size of sPLT structures when reading an image.
Updated packages for Ubuntu 5.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.0.18-1ubuntu3.1.diff.gz
Size/MD5: 12960 3ae9ff536ba163efc00070487687399b
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.0.18-1ubuntu3.1.dsc
Size/MD5: 636 3af55a46b4ada05160527a49c5dd6671
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.0.18.orig.tar.gz
Size/MD5: 506181 40081bdc82e4c6cf782553cd5aa8d9d8
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng2-dev_1.0.18-1ubuntu3.1_all.deb
Size/MD5: 1166 160ce752a119a735d2abf03ec1f1dd55
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng2_1.0.18-1ubuntu3.1_all.deb
Size/MD5: 942 e3c40272cd978953acf3469dbda42a30
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_amd64.deb
Size/MD5: 113890 e395ef9909e34cc4333fb868a7a794f2
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_amd64.deb
Size/MD5: 197710 1b46e5c7e431d6640e319ca81f0634ad
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_i386.deb
Size/MD5: 109224 e083cb785e2bc0225b47fee51c69b22b
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_i386.deb
Size/MD5: 186536 476d8276b05d075552fc878547a17092
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_powerpc.deb
Size/MD5: 111444 cda22be3ef3d978e4aa3c7111c7f7436
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_powerpc.deb
Size/MD5: 196744 db0ae3294f47addab0ff52b4d134fff8
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_sparc.deb
Size/MD5: 109078 26672912dc8d37ae7afbc57fba8cc477
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_sparc.deb
Size/MD5: 192902 458ef029777b12b5b4165e63d097c774
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.1.diff.gz
Size/MD5: 16308 c13ba4eb92c046153c73cec343ba0dad
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.1.dsc
Size/MD5: 652 ec80abc5bbe3fb9593374a6df3e5351d
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz
Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.1_all.deb
Size/MD5: 842 db0b015e80f042a3311152aad1a1f96f
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_amd64.udeb
Size/MD5: 69468 8c741fd0d0ff83068e6dd78bc2e026c1
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_amd64.deb
Size/MD5: 113808 c86b5b27effab5f974f4f2c4ce743515
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_amd64.deb
Size/MD5: 247500 6493fda0d94d75f2255cb48399fa5fec
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_i386.udeb
Size/MD5: 66918 38259ac6fd9f0b4fc56e59b9b8fa75e4
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_i386.deb
Size/MD5: 111304 440e23028cc1c9de3fb459f8969641d5
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_i386.deb
Size/MD5: 239650 0235a7988ea235573758fd45a7500cf9
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_powerpc.udeb
Size/MD5: 66284 ba2f362738e47667364a69a7425a4bae
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_powerpc.deb
Size/MD5: 110738 27426cfb75acb15305d71a26d79ecf70
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_powerpc.deb
Size/MD5: 245228 297d5a07d22ea0c2deb1e3a2da22cc7d
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_sparc.udeb
Size/MD5: 63820 b28e9240844c87f288986efcfaa6d82b
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_sparc.deb
Size/MD5: 108438 439feb51a430e75b0314ebd0bbe9eeaf
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_sparc.deb
Size/MD5: 240068 f1d19c0623d6a875c240ae809f39cc37
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5.1ubuntu0.1.diff.gz
Size/MD5: 16419 341fce97b60457776d7d5b3045e98ab8
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5.1ubuntu0.1.dsc
Size/MD5: 659 128223fd1ee1485c1edda30965e2c638
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz
Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5.1ubuntu0.1_all.deb
Size/MD5: 884 ff80da62782949d9ee6e2f45de7368d8
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_amd64.udeb
Size/MD5: 68974 410bb02f1680b74c0b7bdfe75b6d4f6c
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_amd64.deb
Size/MD5: 113470 595b09232667d5f45bfc94cbac2154e4
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_amd64.deb
Size/MD5: 247126 af29f417517106cf651dab5c92ad52ee
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_i386.udeb
Size/MD5: 69914 d335eae45c97a06251e2b1bb263a0f78
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_i386.deb
Size/MD5: 114466 eb4ebc44ac004eddd4ac551f443d9196
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_i386.deb
Size/MD5: 242864 a79b348098a3e5051a93dcc3bfc44f80
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_powerpc.udeb
Size/MD5: 67592 c11829d98adc0dd16883d1b00c773691
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_powerpc.deb
Size/MD5: 112146 e95acde5a5756fe1e8ae3085e160a437
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_powerpc.deb
Size/MD5: 246662 eea28613a44952b49f1ebd1c9365c31e
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_sparc.udeb
Size/MD5: 64644 0a019f09ea70eb9e0734542116919875
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_sparc.deb
Size/MD5: 109320 c8c61d5fc9db2c8edf9ca933bc0aeea6
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_sparc.deb
Size/MD5: 241060 a4d7a38de962236150bbbb84be9c542f
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200611-09
http://security.gentoo.org/
Severity: Normal Title: libpng: Denial of Service Date: November 17, 2006 Bugs: #154380 ID: 200611-09
Synopsis
A vulnerability in libpng may allow a remote attacker to crash applications that handle untrusted images.
Background
libpng is a free ANSI C library used to process and manipulate PNG images.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/libpng < 1.2.13 >= 1.2.13
Description
Tavis Ormandy of the Gentoo Linux Security Audit Team discovered that a vulnerability exists in the sPLT chunk handling code of libpng, a large sPLT chunk may cause an application to attempt to read out of bounds.
Impact
A remote attacker could craft an image that when processed or viewed by an application using libpng causes the application to terminate abnormally.
Workaround
There is no known workaround at this time.
Resolution
All libpng users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/libpng-1.2.13"
References
[ 1 ] CVE-2006-5793 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200611-09.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
Do you need accurate and reliable IDS / IPS / AV detection rules?
Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/
TITLE: Apache Tomcat "RemoteFilterValve" Security Bypass Security Issue
SECUNIA ADVISORY ID: SA32213
VERIFY ADVISORY: http://secunia.com/advisories/32213/
CRITICAL: Not critical
IMPACT: Security Bypass
WHERE:
From remote
SOFTWARE: Apache Tomcat 5.x http://secunia.com/advisories/product/3571/ Apache Tomcat 4.x http://secunia.com/advisories/product/328/
DESCRIPTION: A security issue has been reported in Apache Tomcat, which potentially can be exploited by malicious people to bypass certain security restrictions.
The security issue is caused due to a synchronisation problem when checking IP addresses and can be exploited to bypass a filter valve that extends "RemoteFilterValve" and potentially gain access to protected contexts.
The security issue affects version 5.5.0 and versions 4.1.0 through 4.1.31.
SOLUTION: Apache Tomcat 4.x: Update to version 4.1.32 or later.
Apache Tomcat 5.x: Update to version 5.5.1 or later.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Kenichi Tsukamoto of Fujitsu Limited.
ORIGINAL ADVISORY: Apache: http://tomcat.apache.org/security-4.html http://tomcat.apache.org/security-5.html https://issues.apache.org/bugzilla/show_bug.cgi?id=25835
JVN: http://jvn.jp/en/jp/JVN30732239/index.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:212 http://www.mandriva.com/security/
Package : doxygen Date : November 16, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0
Problem Description:
Doxygen is a documentation system for C, C++ and IDL. (CVE-2006-5793)
In addition, an patch to address several old vulnerabilities has been applied to this build. (CAN-2002-1363, CAN-2004-0421, CAN-2004-0597, CAN-2004-0598, CAN-2004-0599)
Packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1363 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3334 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793
Updated Packages:
Mandriva Linux 2006.0: f85fd4b73ca06136e4346df073851e5f 2006.0/i586/doxygen-1.4.4-1.1.20060mdk.i586.rpm 0842c1496bbb02b79d5cef3386b19380 2006.0/SRPMS/doxygen-1.4.4-1.1.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: fc3e569bd8ad2aa9aea76a6f4246cfec 2006.0/x86_64/doxygen-1.4.4-1.1.20060mdk.x86_64.rpm 0842c1496bbb02b79d5cef3386b19380 2006.0/SRPMS/doxygen-1.4.4-1.1.20060mdk.src.rpm
Mandriva Linux 2007.0: 9d0af28627560057e6c80e64bbacf030 2007.0/i586/doxygen-1.4.7-1.1mdv2007.0.i586.rpm f673aab0185f79a8aa048f69b06807bf 2007.0/SRPMS/doxygen-1.4.7-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 7fca6ebbe6f07e51de7fd771678277b4 2007.0/x86_64/doxygen-1.4.7-1.1mdv2007.0.x86_64.rpm f673aab0185f79a8aa048f69b06807bf 2007.0/SRPMS/doxygen-1.4.7-1.1mdv2007.0.src.rpm
Corporate 3.0: 9452cede2d92671808eebe1adfc395ef corporate/3.0/i586/doxygen-1.3.5-2.1.C30mdk.i586.rpm 9e84b6e12b77f43d123888b7ae05e5f4 corporate/3.0/SRPMS/doxygen-1.3.5-2.1.C30mdk.src.rpm
Corporate 3.0/X86_64: d988dc94c39515b3855116709bcc84de corporate/3.0/x86_64/doxygen-1.3.5-2.1.C30mdk.x86_64.rpm 9e84b6e12b77f43d123888b7ae05e5f4 corporate/3.0/SRPMS/doxygen-1.3.5-2.1.C30mdk.src.rpm
Corporate 4.0: a3b4702c81d1739249d59782efb316dc corporate/4.0/i586/doxygen-1.4.4-1.1.20060mlcs4.i586.rpm 8223a356c6cf8a790dd20b3d70533f19 corporate/4.0/SRPMS/doxygen-1.4.4-1.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 0568b10460c651f18fd3e2a8e76b4300 corporate/4.0/x86_64/doxygen-1.4.4-1.1.20060mlcs4.x86_64.rpm 8223a356c6cf8a790dd20b3d70533f19 corporate/4.0/SRPMS/doxygen-1.4.4-1.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFXMIpmqjQ0CJFipgRAnt1AJ9NuzEsIC9PzHE278eZAhOPHjMh8QCePD/Q pK8OJ2vhx3DqZ400EPH5QMw= =R8Jo -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200611-0210",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "libpng",
"scope": "eq",
"trust": 1.6,
"vendor": "greg roelofs",
"version": "1.2.7rc1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.6,
"vendor": "greg roelofs",
"version": "1.2.5"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.6,
"vendor": "greg roelofs",
"version": "1.2.7"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.6,
"vendor": "greg roelofs",
"version": "1.2.3"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.6,
"vendor": "greg roelofs",
"version": "1.2.8"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.6,
"vendor": "greg roelofs",
"version": "1.2.6"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.6,
"vendor": "greg roelofs",
"version": "1.2.12"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.6,
"vendor": "greg roelofs",
"version": "1.2.11"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.6,
"vendor": "greg roelofs",
"version": "1.2.9"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.6,
"vendor": "greg roelofs",
"version": "1.2.10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.0,
"vendor": "greg roelofs",
"version": "1.0.9"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.0,
"vendor": "greg roelofs",
"version": "1.2.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.0,
"vendor": "greg roelofs",
"version": "1.0.8"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.0,
"vendor": "greg roelofs",
"version": "1.0.6"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.0,
"vendor": "greg roelofs",
"version": "1.2.4"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.0,
"vendor": "greg roelofs",
"version": "1.0.7"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.0,
"vendor": "greg roelofs",
"version": "1.2.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 1.0,
"vendor": "greg roelofs",
"version": "1.2.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.8,
"vendor": "png group",
"version": "1.0.6 to 1.2.12 versions up to"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "wizpy",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "enterprise linux virtualization server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "libpng3",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "libpng3",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.11"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "android software development kit m3-rc37a",
"scope": null,
"trust": 0.3,
"vendor": "google",
"version": null
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.18"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "libpng3",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "android software development kit m5-rc15",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": null
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "enterprise linux hardware certification",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "hat fedora core6",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "messaging storage server mss",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "ses",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ses",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"model": "broker ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "transsoft",
"version": "8.0"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "enterprise linux desktop multi os client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "ses",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "enterprise linux optional productivity application server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "21078"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-295"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000961"
},
{
"db": "NVD",
"id": "CVE-2006-5793"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:libpng:libpng",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_wizpy",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000961"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy from the Gentoo Linux Security Auditing Team discovered this vulnerability.",
"sources": [
{
"db": "BID",
"id": "21078"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-295"
}
],
"trust": 0.9
},
"cve": "CVE-2006-5793",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CVE-2006-5793",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-5793",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2006-5793",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-200611-295",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-295"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000961"
},
{
"db": "NVD",
"id": "CVE-2006-5793"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read. PNG (Portable Network Graphics) Format image processing library libpng In png_set_sPLT() In the function sPLT In the chunk processing code section, PNG There is a problem that memory access violation occurs due to image processing.Web Pre-crafted, installed on site or attached to email png By browsing the file, service operation interruption (DoS) May be in a state. The \u0027libpng\u0027 graphics library is reported prone to a denial-of-service vulnerability. The library fails to perform proper bounds-checking of user-supplied input, which leads to an out-of-bounds read error. \nAttackers may exploit this vulnerability to crash an application that relies on the affected library. =========================================================== \nUbuntu Security Notice USN-383-1 November 16, 2006\nlibpng vulnerability\nCVE-2006-5793\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 5.10\nUbuntu 6.06 LTS\nUbuntu 6.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 5.10:\n libpng10-0 1.0.18-1ubuntu3.1\n\nUbuntu 6.06 LTS:\n libpng12-0 1.2.8rel-5ubuntu0.1\n\nUbuntu 6.10:\n libpng12-0 1.2.8rel-5.1ubuntu0.1\n\nAfter a standard system upgrade you need to reboot your computer to\neffect the necessary changes. \n\nDetails follow:\n\nTavis Ormandy discovered that libpng did not correctly calculate the \nsize of sPLT structures when reading an image. \n\n\nUpdated packages for Ubuntu 5.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.0.18-1ubuntu3.1.diff.gz\n Size/MD5: 12960 3ae9ff536ba163efc00070487687399b\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.0.18-1ubuntu3.1.dsc\n Size/MD5: 636 3af55a46b4ada05160527a49c5dd6671\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.0.18.orig.tar.gz\n Size/MD5: 506181 40081bdc82e4c6cf782553cd5aa8d9d8\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng2-dev_1.0.18-1ubuntu3.1_all.deb\n Size/MD5: 1166 160ce752a119a735d2abf03ec1f1dd55\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng2_1.0.18-1ubuntu3.1_all.deb\n Size/MD5: 942 e3c40272cd978953acf3469dbda42a30\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_amd64.deb\n Size/MD5: 113890 e395ef9909e34cc4333fb868a7a794f2\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_amd64.deb\n Size/MD5: 197710 1b46e5c7e431d6640e319ca81f0634ad\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_i386.deb\n Size/MD5: 109224 e083cb785e2bc0225b47fee51c69b22b\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_i386.deb\n Size/MD5: 186536 476d8276b05d075552fc878547a17092\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_powerpc.deb\n Size/MD5: 111444 cda22be3ef3d978e4aa3c7111c7f7436\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_powerpc.deb\n Size/MD5: 196744 db0ae3294f47addab0ff52b4d134fff8\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_sparc.deb\n Size/MD5: 109078 26672912dc8d37ae7afbc57fba8cc477\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_sparc.deb\n Size/MD5: 192902 458ef029777b12b5b4165e63d097c774\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.1.diff.gz\n Size/MD5: 16308 c13ba4eb92c046153c73cec343ba0dad\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.1.dsc\n Size/MD5: 652 ec80abc5bbe3fb9593374a6df3e5351d\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz\n Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.1_all.deb\n Size/MD5: 842 db0b015e80f042a3311152aad1a1f96f\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_amd64.udeb\n Size/MD5: 69468 8c741fd0d0ff83068e6dd78bc2e026c1\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_amd64.deb\n Size/MD5: 113808 c86b5b27effab5f974f4f2c4ce743515\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_amd64.deb\n Size/MD5: 247500 6493fda0d94d75f2255cb48399fa5fec\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_i386.udeb\n Size/MD5: 66918 38259ac6fd9f0b4fc56e59b9b8fa75e4\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_i386.deb\n Size/MD5: 111304 440e23028cc1c9de3fb459f8969641d5\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_i386.deb\n Size/MD5: 239650 0235a7988ea235573758fd45a7500cf9\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_powerpc.udeb\n Size/MD5: 66284 ba2f362738e47667364a69a7425a4bae\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_powerpc.deb\n Size/MD5: 110738 27426cfb75acb15305d71a26d79ecf70\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_powerpc.deb\n Size/MD5: 245228 297d5a07d22ea0c2deb1e3a2da22cc7d\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_sparc.udeb\n Size/MD5: 63820 b28e9240844c87f288986efcfaa6d82b\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_sparc.deb\n Size/MD5: 108438 439feb51a430e75b0314ebd0bbe9eeaf\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_sparc.deb\n Size/MD5: 240068 f1d19c0623d6a875c240ae809f39cc37\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5.1ubuntu0.1.diff.gz\n Size/MD5: 16419 341fce97b60457776d7d5b3045e98ab8\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5.1ubuntu0.1.dsc\n Size/MD5: 659 128223fd1ee1485c1edda30965e2c638\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz\n Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5.1ubuntu0.1_all.deb\n Size/MD5: 884 ff80da62782949d9ee6e2f45de7368d8\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_amd64.udeb\n Size/MD5: 68974 410bb02f1680b74c0b7bdfe75b6d4f6c\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_amd64.deb\n Size/MD5: 113470 595b09232667d5f45bfc94cbac2154e4\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_amd64.deb\n Size/MD5: 247126 af29f417517106cf651dab5c92ad52ee\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_i386.udeb\n Size/MD5: 69914 d335eae45c97a06251e2b1bb263a0f78\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_i386.deb\n Size/MD5: 114466 eb4ebc44ac004eddd4ac551f443d9196\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_i386.deb\n Size/MD5: 242864 a79b348098a3e5051a93dcc3bfc44f80\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_powerpc.udeb\n Size/MD5: 67592 c11829d98adc0dd16883d1b00c773691\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_powerpc.deb\n Size/MD5: 112146 e95acde5a5756fe1e8ae3085e160a437\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_powerpc.deb\n Size/MD5: 246662 eea28613a44952b49f1ebd1c9365c31e\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_sparc.udeb\n Size/MD5: 64644 0a019f09ea70eb9e0734542116919875\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_sparc.deb\n Size/MD5: 109320 c8c61d5fc9db2c8edf9ca933bc0aeea6\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_sparc.deb\n Size/MD5: 241060 a4d7a38de962236150bbbb84be9c542f\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200611-09\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: libpng: Denial of Service\n Date: November 17, 2006\n Bugs: #154380\n ID: 200611-09\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA vulnerability in libpng may allow a remote attacker to crash\napplications that handle untrusted images. \n\nBackground\n==========\n\nlibpng is a free ANSI C library used to process and manipulate PNG\nimages. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 media-libs/libpng \u003c 1.2.13 \u003e= 1.2.13\n\nDescription\n===========\n\nTavis Ormandy of the Gentoo Linux Security Audit Team discovered that a\nvulnerability exists in the sPLT chunk handling code of libpng, a large\nsPLT chunk may cause an application to attempt to read out of bounds. \n\nImpact\n======\n\nA remote attacker could craft an image that when processed or viewed by\nan application using libpng causes the application to terminate\nabnormally. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libpng users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-libs/libpng-1.2.13\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-5793\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200611-09.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nDo you need accurate and reliable IDS / IPS / AV detection rules?\n\nGet in-depth vulnerability details:\nhttp://secunia.com/binary_analysis/sample_analysis/\n\n----------------------------------------------------------------------\n\nTITLE:\nApache Tomcat \"RemoteFilterValve\" Security Bypass Security Issue\n\nSECUNIA ADVISORY ID:\nSA32213\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/32213/\n\nCRITICAL:\nNot critical\n\nIMPACT:\nSecurity Bypass\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nApache Tomcat 5.x\nhttp://secunia.com/advisories/product/3571/\nApache Tomcat 4.x\nhttp://secunia.com/advisories/product/328/\n\nDESCRIPTION:\nA security issue has been reported in Apache Tomcat, which\npotentially can be exploited by malicious people to bypass certain\nsecurity restrictions. \n\nThe security issue is caused due to a synchronisation problem when\nchecking IP addresses and can be exploited to bypass a filter valve\nthat extends \"RemoteFilterValve\" and potentially gain access to\nprotected contexts. \n\nThe security issue affects version 5.5.0 and versions 4.1.0 through\n4.1.31. \n\nSOLUTION:\nApache Tomcat 4.x:\nUpdate to version 4.1.32 or later. \n\nApache Tomcat 5.x:\nUpdate to version 5.5.1 or later. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Kenichi Tsukamoto of Fujitsu Limited. \n\nORIGINAL ADVISORY:\nApache:\nhttp://tomcat.apache.org/security-4.html\nhttp://tomcat.apache.org/security-5.html\nhttps://issues.apache.org/bugzilla/show_bug.cgi?id=25835\n\nJVN:\nhttp://jvn.jp/en/jp/JVN30732239/index.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:212\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : doxygen\n Date : November 16, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0\n _______________________________________________________________________\n \n Problem Description:\n \n Doxygen is a documentation system for C, C++ and IDL. (CVE-2006-5793)\n\n In addition, an patch to address several old vulnerabilities has been\n applied to this build. (CAN-2002-1363, CAN-2004-0421, CAN-2004-0597,\n CAN-2004-0598, CAN-2004-0599)\n\n Packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1363\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0421\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3334\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n f85fd4b73ca06136e4346df073851e5f 2006.0/i586/doxygen-1.4.4-1.1.20060mdk.i586.rpm \n 0842c1496bbb02b79d5cef3386b19380 2006.0/SRPMS/doxygen-1.4.4-1.1.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n fc3e569bd8ad2aa9aea76a6f4246cfec 2006.0/x86_64/doxygen-1.4.4-1.1.20060mdk.x86_64.rpm \n 0842c1496bbb02b79d5cef3386b19380 2006.0/SRPMS/doxygen-1.4.4-1.1.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 9d0af28627560057e6c80e64bbacf030 2007.0/i586/doxygen-1.4.7-1.1mdv2007.0.i586.rpm \n f673aab0185f79a8aa048f69b06807bf 2007.0/SRPMS/doxygen-1.4.7-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 7fca6ebbe6f07e51de7fd771678277b4 2007.0/x86_64/doxygen-1.4.7-1.1mdv2007.0.x86_64.rpm \n f673aab0185f79a8aa048f69b06807bf 2007.0/SRPMS/doxygen-1.4.7-1.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n 9452cede2d92671808eebe1adfc395ef corporate/3.0/i586/doxygen-1.3.5-2.1.C30mdk.i586.rpm \n 9e84b6e12b77f43d123888b7ae05e5f4 corporate/3.0/SRPMS/doxygen-1.3.5-2.1.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n d988dc94c39515b3855116709bcc84de corporate/3.0/x86_64/doxygen-1.3.5-2.1.C30mdk.x86_64.rpm \n 9e84b6e12b77f43d123888b7ae05e5f4 corporate/3.0/SRPMS/doxygen-1.3.5-2.1.C30mdk.src.rpm\n\n Corporate 4.0:\n a3b4702c81d1739249d59782efb316dc corporate/4.0/i586/doxygen-1.4.4-1.1.20060mlcs4.i586.rpm \n 8223a356c6cf8a790dd20b3d70533f19 corporate/4.0/SRPMS/doxygen-1.4.4-1.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 0568b10460c651f18fd3e2a8e76b4300 corporate/4.0/x86_64/doxygen-1.4.4-1.1.20060mlcs4.x86_64.rpm \n 8223a356c6cf8a790dd20b3d70533f19 corporate/4.0/SRPMS/doxygen-1.4.4-1.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFXMIpmqjQ0CJFipgRAnt1AJ9NuzEsIC9PzHE278eZAhOPHjMh8QCePD/Q\npK8OJ2vhx3DqZ400EPH5QMw=\n=R8Jo\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5793"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000961"
},
{
"db": "BID",
"id": "21078"
},
{
"db": "PACKETSTORM",
"id": "52296"
},
{
"db": "PACKETSTORM",
"id": "52280"
},
{
"db": "PACKETSTORM",
"id": "52283"
},
{
"db": "PACKETSTORM",
"id": "70882"
},
{
"db": "PACKETSTORM",
"id": "52286"
},
{
"db": "PACKETSTORM",
"id": "52287"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-5793",
"trust": 3.2
},
{
"db": "BID",
"id": "21078",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "22900",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1017244",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "22950",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22956",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23208",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "25329",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22889",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23335",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22951",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "25742",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "29420",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22958",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22941",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-4521",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2008-0924",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-4568",
"trust": 1.6
},
{
"db": "XF",
"id": "30290",
"trust": 1.4
},
{
"db": "USCERT",
"id": "TA08-079A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA08-079A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000961",
"trust": 0.8
},
{
"db": "MANDRIVA",
"id": "MDKSA-2006:212",
"trust": 0.6
},
{
"db": "MANDRIVA",
"id": "MDKSA-2006:211",
"trust": 0.6
},
{
"db": "MANDRIVA",
"id": "MDKSA-2006:210",
"trust": 0.6
},
{
"db": "MANDRIVA",
"id": "MDKSA-2006:209",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20080304 CORE-2008-0124: MULTIPLE VULNERABILITIES IN GOOGLE\u0027S ANDROID SDK",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20061204 RPSA-2006-0211-2 DOXYGEN LIBPNG",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20061115 RPSA-2006-0211-1 LIBPNG",
"trust": 0.6
},
{
"db": "OPENPKG",
"id": "OPENPKG-SA-2006.036",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-383-1",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SR:2006:028",
"trust": 0.6
},
{
"db": "TRUSTIX",
"id": "2006-0065",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2007:0356",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2008-03-18",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200611-09",
"trust": 0.6
},
{
"db": "SLACKWARE",
"id": "SSA:2006-335-03",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200611-295",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "32213",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "52296",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52280",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52283",
"trust": 0.1
},
{
"db": "JVN",
"id": "JVN30732239",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "70882",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52286",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52287",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "21078"
},
{
"db": "PACKETSTORM",
"id": "52296"
},
{
"db": "PACKETSTORM",
"id": "52280"
},
{
"db": "PACKETSTORM",
"id": "52283"
},
{
"db": "PACKETSTORM",
"id": "70882"
},
{
"db": "PACKETSTORM",
"id": "52286"
},
{
"db": "PACKETSTORM",
"id": "52287"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-295"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000961"
},
{
"db": "NVD",
"id": "CVE-2006-5793"
}
]
},
"id": "VAR-200611-0210",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.96590906
},
"last_update_date": "2025-12-22T20:54:51.601000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1249"
},
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1249?viewlocale=ja_JP"
},
{
"title": "15 November 2006",
"trust": 0.8,
"url": "http://libpng.sourceforge.net/libpng-1.2.12-ADVISORY.txt"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.libpng.org/"
},
{
"title": "1511",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1511"
},
{
"title": "1023",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1023"
},
{
"title": "RHSA-2007:0356",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0356.html"
},
{
"title": "TLSA-2007-45",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2007/TLSA-2007-45.txt"
},
{
"title": "TLSA-2007-49",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2007/TLSA-2007-49.txt"
},
{
"title": "RHSA-2007:0356",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0356J.html"
},
{
"title": "TLSA-2007-45",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2007/TLSA-2007-45j.txt"
},
{
"title": "TLSA-2007-49",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2007/TLSA-2007-49j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000961"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5793"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/21078"
},
{
"trust": 2.4,
"url": "http://securitytracker.com/id?1017244"
},
{
"trust": 1.9,
"url": "http://bugs.gentoo.org/show_bug.cgi?id=154380"
},
{
"trust": 1.9,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-254.htm"
},
{
"trust": 1.9,
"url": "https://issues.rpath.com/browse/rpl-790"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-200611-09.xml"
},
{
"trust": 1.6,
"url": "http://www.ubuntu.com/usn/usn-383-1"
},
{
"trust": 1.6,
"url": "http://sourceforge.net/project/shownotes.php?release_id=464278"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22958"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22956"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22900"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22889"
},
{
"trust": 1.6,
"url": "http://bugs.gentoo.org/attachment.cgi?id=101400\u0026action=view"
},
{
"trust": 1.6,
"url": "http://www.trustix.org/errata/2006/0065/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22951"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22950"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22941"
},
{
"trust": 1.6,
"url": "https://issues.rpath.com/browse/rpl-824"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0356.html"
},
{
"trust": 1.6,
"url": "http://www.openpkg.com/security/advisories/openpkg-sa-2006.036.html"
},
{
"trust": 1.6,
"url": "http://www.novell.com/linux/security/advisories/2006_28_sr.html"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:212"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:211"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:210"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:209"
},
{
"trust": 1.6,
"url": "http://www.coresecurity.com/?action=item\u0026id=2148"
},
{
"trust": 1.6,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.465035"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/29420"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/25742"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/25329"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23335"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23208"
},
{
"trust": 1.6,
"url": "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html"
},
{
"trust": 1.6,
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/30290"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2006/4521"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5793"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/453484/100/100/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4568"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489135/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10324"
},
{
"trust": 1.0,
"url": "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4521"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30290"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/451874/100/200/threaded"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-079a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-079a/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5793"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22900/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa08-079a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-079a.html"
},
{
"trust": 0.6,
"url": "http://frontal2.mandriva.com/security/advisories?name=mdksa-2006:212"
},
{
"trust": 0.6,
"url": "http://frontal2.mandriva.com/security/advisories?name=mdksa-2006:211"
},
{
"trust": 0.6,
"url": "http://frontal2.mandriva.com/security/advisories?name=mdksa-2006:210"
},
{
"trust": 0.6,
"url": "http://frontal2.mandriva.com/security/advisories?name=mdksa-2006:209"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/4568"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/489135/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/453484/100/100/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/451874/100/200/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/0924/references"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5793"
},
{
"trust": 0.3,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0356.html"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3334"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3334"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0599"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-1363"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0421"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0598"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0597"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5.1ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.0.18-1ubuntu3.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.0.18.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5.1ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.0.18-1ubuntu3.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng2-dev_1.0.18-1ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5.1ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng2_1.0.18-1ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/32213/"
},
{
"trust": 0.1,
"url": "http://secunia.com/binary_analysis/sample_analysis/"
},
{
"trust": 0.1,
"url": "http://jvn.jp/en/jp/jvn30732239/index.html"
},
{
"trust": 0.1,
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=25835"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/328/"
},
{
"trust": 0.1,
"url": "http://tomcat.apache.org/security-5.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/3571/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://tomcat.apache.org/security-4.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "BID",
"id": "21078"
},
{
"db": "PACKETSTORM",
"id": "52296"
},
{
"db": "PACKETSTORM",
"id": "52280"
},
{
"db": "PACKETSTORM",
"id": "52283"
},
{
"db": "PACKETSTORM",
"id": "70882"
},
{
"db": "PACKETSTORM",
"id": "52286"
},
{
"db": "PACKETSTORM",
"id": "52287"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-295"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000961"
},
{
"db": "NVD",
"id": "CVE-2006-5793"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "21078"
},
{
"db": "PACKETSTORM",
"id": "52296"
},
{
"db": "PACKETSTORM",
"id": "52280"
},
{
"db": "PACKETSTORM",
"id": "52283"
},
{
"db": "PACKETSTORM",
"id": "70882"
},
{
"db": "PACKETSTORM",
"id": "52286"
},
{
"db": "PACKETSTORM",
"id": "52287"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-295"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000961"
},
{
"db": "NVD",
"id": "CVE-2006-5793"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-11-14T00:00:00",
"db": "BID",
"id": "21078"
},
{
"date": "2006-11-19T01:47:03",
"db": "PACKETSTORM",
"id": "52296"
},
{
"date": "2006-11-18T01:00:18",
"db": "PACKETSTORM",
"id": "52280"
},
{
"date": "2006-11-18T01:41:02",
"db": "PACKETSTORM",
"id": "52283"
},
{
"date": "2008-10-13T22:53:24",
"db": "PACKETSTORM",
"id": "70882"
},
{
"date": "2006-11-18T01:44:10",
"db": "PACKETSTORM",
"id": "52286"
},
{
"date": "2006-11-18T01:44:43",
"db": "PACKETSTORM",
"id": "52287"
},
{
"date": "2006-11-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-295"
},
{
"date": "2007-06-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000961"
},
{
"date": "2006-11-17T23:07:00",
"db": "NVD",
"id": "CVE-2006-5793"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-03-19T02:30:00",
"db": "BID",
"id": "21078"
},
{
"date": "2006-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-295"
},
{
"date": "2009-04-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000961"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2006-5793"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-295"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libpng of png_set_sPLT() Denial of service in function (DoS) Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000961"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-295"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…