Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2011-0195
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T21:43:15.431Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4723" }, { "name": "APPLE-SA-2011-06-23-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html" }, { "name": "1025365", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1025365" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4808" }, { "name": "APPLE-SA-2011-04-14-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html" }, { "name": "APPLE-SA-2011-07-20-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-04-14T00:00:00", "descriptions": [ { "lang": "en", "value": "The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2011-04-21T09:00:00", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4723" }, { "name": "APPLE-SA-2011-06-23-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html" }, { "name": "1025365", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1025365" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4808" }, { "name": "APPLE-SA-2011-04-14-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html" }, { "name": "APPLE-SA-2011-07-20-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2011-0195", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.apple.com/kb/HT4723", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4723" }, { "name": "APPLE-SA-2011-06-23-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html" }, { "name": "1025365", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1025365" }, { "name": "http://support.apple.com/kb/HT4808", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4808" }, { "name": "APPLE-SA-2011-04-14-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html" }, { "name": "APPLE-SA-2011-07-20-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2011-0195", "datePublished": "2011-04-15T19:00:00", "dateReserved": "2010-12-23T00:00:00", "dateUpdated": "2024-08-06T21:43:15.431Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2011-0195\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2011-04-15T19:55:00.653\",\"lastModified\":\"2024-11-21T01:23:31.187\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n XPath generate-id de libxslt de Apple iOS 4.3.x anteriores a 4.3.2 permite a atacantes remotos recopilar informaci\u00f3n confidencial sobre las direcciones de memoria din\u00e1mica a trav\u00e9s de una p\u00e1gina web modificada. NOTA: puede sobrelapar la CVE-2011-1202.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7252935C-E421-4339-B61F-0299E28888DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DD342BF-096A-4082-B700-19629F2BDE87\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4723\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4808\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.securitytracker.com/id?1025365\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT4723\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT4808\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1025365\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
var-201104-0256
Vulnerability from variot
The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202. libxslt is prone to a remote information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. NOTE: This issue was previously discussed in BID 47635 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2011-12 through -18 Multiple Vulnerabilities) and BID 46785 (Google Chrome prior to 10.0.648.127 Multiple Security Vulnerabilities) but has been moved to its own record to better document it. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03280632 Version: 1
HPSBMU02764 SSRT100827 rev.1 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2012-04-16 Last Updated: 2012-04-16
Potential Security Impact: Remote cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities.
References: CVE-2009-0037, CVE-2010-0734, CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-0014, CVE-2011-0195, CVE-2011-0419, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1928, CVE-2011-1938, CVE-2011-1945, CVE-2011-2192, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3192, CVE-2011-3267, CVE-2011-3268, CVE-2011-3207, CVE-2011-3210, CVE-2011-3348, CVE-2011-3368, CVE-2011-3639, CVE-2011-3846, SSRT100376, CVE-2011-4317, CVE-2012-0135, SSRT100609, CVE-2012-1993, SSRT10043
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP System Management Homepage (SMH) before v7.0 running on Linux and Windows.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2009-0037 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2010-0734 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2010-1452 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-1623 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-2068 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2010-2791 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2010-3436 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2010-4409 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-4645 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-0014 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-0195 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-0419 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1148 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1153 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1464 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1467 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-1468 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1471 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1928 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1938 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1945 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2011-2192 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-2202 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 CVE-2011-2483 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-3182 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3189 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-3192 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2011-3267 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3268 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-3207 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2011-3210 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3348 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-3368 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-3639 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2011-3846 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2011-4317 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2012-0135 (AV:N/AC:M/Au:S/C:N/I:N/A:P) 3.5 CVE-2012-1993 (AV:L/AC:L/Au:S/C:P/I:P/A:N) 3.2 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
The Hewlett-Packard Company thanks Sow Ching Shiong coordinating with Secunia for reporting CVE-2011-3846 to security-alert@hp.com.
RESOLUTION
HP has provided HP System Management Homepage v7.0 or subsequent to resolve the vulnerabilities.
SMH v7.0 is available here: http://h18000.www1.hp.com/products/servers/management/agents/index.html
HISTORY Version:1 (rev.1) 16 April 2012 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk+MKDYACgkQ4B86/C0qfVkIIgCeIhDxobSe39v5hyk0GRrO6Zaw OHIAoMmRE1imNBs6CtS/6/l1kZY3fwop =hsl/ -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6
Safari 5.1 and Safari 5.0.6 are now available and address the following:
CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: In certain situations, Safari may treat a file as HTML, even if it is served with the 'text/plain' content type. This may lead to a cross-site scripting attack on sites that allow untrusted users to post text files. This issue is addressed through improved handling of 'text/plain' content. CVE-ID CVE-2010-1420 : Hidetake Jo working with Microsoft Vulnerability Research (MSVR), Neal Poole of Matasano Security
CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Authenticating to a maliciously crafted website may lead to arbitrary code execution Description: The NTLM authentication protocol is susceptible to a replay attack referred to as credential reflection. Authenticating to a maliciously crafted website may lead to arbitrary code execution. To mitigate this issue, Safari has been updated to utilize protection mechanisms recently added to Windows. This issue does not affect Mac OS X systems. CVE-ID CVE-2010-1383 : Takehiro Takahashi of IBM X-Force Research
CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: A root certificate that is disabled may still be trusted Description: CFNetwork did not properly validate that a certificate was trusted for use by a SSL server. As a result, if the user had marked a system root certificate as not trusted, Safari would still accept certificates signed by that root. This issue is addressed through improved certificate validation. This issue does not affect Mac OS X systems. CVE-ID CVE-2011-0214 : An anonymous reporter
ColorSync Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0200 : binaryproof working with TippingPoint's Zero Day Initiative
CoreFoundation Available for: Windows 7, Vista, XP SP2 or later Impact: Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution Description: An off-by-one buffer overflow issue existed in the handling of CFStrings. Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. CVE-ID CVE-2011-0201 : Harry Sintonen
CoreGraphics Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow issue existed in the handling of Type 1 fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert of the Google Security Team
International Components for Unicode Available for: Windows 7, Vista, XP SP2 or later Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A buffer overflow issue existed in ICU's handling of uppercase strings. Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. CVE-ID CVE-2011-0206 : David Bienvenu of Mozilla
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0204 : Dominic Chell of NGS Secure
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A reentrancy issue existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. This issue does not affect Mac OS X systems. CVE-ID CVE-2011-0215 : Juan Pablo Lopez Yacubian working with iDefense VCP
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0204 : Dominic Chell of NGS Secure
libxslt Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap Description: libxslt's implementation of the generate-id() XPath function disclosed the address of a heap buffer. Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap. This issue is addressed by generating an ID based on the difference between the addresses of two heap buffers. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0195 : Chris Evans of the Google Chrome Security Team
libxml Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A one-byte heap buffer overflow existed in libxml's handling of XML data. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-0216 : Billy Rios of the Google Security Team
Safari Available for: Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: If the "AutoFill web forms" feature is enabled, visiting a maliciously crafted website and typing may lead to the disclosure of information from the user's Address Book Description: Safari's "AutoFill web forms" feature filled in non- visible form fields, and the information was accessible by scripts on the site before the user submitted the form. This issue is addressed by displaying all fields that will be filled, and requiring the user's consent before AutoFill information is available to the form. CVE-ID CVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah Grossman]
Safari Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: With a certain Java configuration, visiting a malicious website may lead to unexpected text being displayed on other sites Description: A cross origin issue existed in the handling of Java Applets. This applies when Java is enabled in Safari, and Java is configured to run within the browser process. Fonts loaded by a Java applet could affect the display of text content from other sites. This issue is addressed by running Java applets in a separate process. CVE-ID CVE-2011-0219 : Joshua Smith of Kaon Interactive
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2010-1823 : David Weston of Microsoft and Microsoft Vulnerability Research (MSVR), wushi of team509, and Yong Li of Research In Motion Ltd CVE-2011-0164 : Apple CVE-2011-0218 : SkyLined of Google Chrome Security Team CVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS Research Team, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0223 : Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative CVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0234 : Rob King working with TippingPoint's Zero Day Initiative, wushi of team509 working with TippingPoint's Zero Day Initiative, wushi of team509 working with iDefense VCP CVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0237 : wushi of team509 working with iDefense VCP CVE-2011-0238 : Adam Barth of Google Chrome Security Team CVE-2011-0240 : wushi of team509 working with iDefense VCP CVE-2011-0253 : Richard Keen CVE-2011-0254 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0255 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc CVE-2011-0983 : Martin Barbella CVE-2011-1109 : Sergey Glazunov CVE-2011-1114 : Martin Barbella CVE-2011-1115 : Martin Barbella CVE-2011-1117 : wushi of team509 CVE-2011-1121 : miaubiz CVE-2011-1188 : Martin Barbella CVE-2011-1203 : Sergey Glazunov CVE-2011-1204 : Sergey Glazunov CVE-2011-1288 : Andreas Kling of Nokia CVE-2011-1293 : Sergey Glazunov CVE-2011-1296 : Sergey Glazunov CVE-2011-1449 : Marek Majkowski, wushi of team 509 working with iDefense VCP CVE-2011-1451 : Sergey Glazunov CVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-1457 : John Knottenbelt of Google CVE-2011-1462 : wushi of team509 CVE-2011-1797 : wushi of team509
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A configuration issue existed in WebKit's use of libxslt. Visiting a maliciously crafted website may lead to arbitrary files being created with the privileges of the user, which may lead to arbitrary code execution. This issue is addressed through improved libxslt security settings. CVE-ID CVE-2011-1774 : Nicolas Gregoire of Agarri
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an information disclosure Description: A cross-origin issue existed in the handling of Web Workers. Visiting a maliciously crafted website may lead to an information disclosure. CVE-ID CVE-2011-1190 : Daniel Divricean of divricean.ro
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of URLs with an embedded username. Visiting a maliciously crafted website may lead to a cross-site scripting attack. This issue is addressed through improved handling of URLs with an embedded username. CVE-ID CVE-2011-0242 : Jobert Abma of Online24
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of DOM nodes. Visiting a maliciously crafted website may lead to a cross- site scripting attack. CVE-ID CVE-2011-1295 : Sergey Glazunov
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: A maliciously crafted website may be able to cause a different URL to be shown in the address bar Description: A URL spoofing issue existed in the handling of the DOM history object. A maliciously crafted website may have been able to cause a different URL to be shown in the address bar. CVE-ID CVE-2011-1107 : Jordi Chancel
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to an information disclosure Description: A canonicalization issue existed in the handling of URLs. Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to arbitrary files being sent from the user's system to a remote server. This update addresses the issue through improved handling of URLs. CVE-ID CVE-2011-0244 : Jason Hullinger
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Applications that use WebKit, such as mail clients, may connect to an arbitrary DNS server upon processing HTML content Description: DNS prefetching was enabled by default in WebKit. Applications that use WebKit, such a s mail clients, may connect to an arbitrary DNS server upon processing HTML content. This update addresses the issue by requiring applications to opt in to DNS prefetching. CVE-ID CVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd.
Note: Safari 5.1 is included with OS X Lion.
Safari 5.1 and Safari 5.0.6 address the same set of security issues. Safari 5.1 is provided for Mac OS X v10.6, and Windows systems. Safari 5.0.6 is provided for Mac OS X v10.5 systems.
Safari 5.1 is available via the Apple Software Update application, or Apple's Safari download site at: http://www.apple.com/safari/download/
Safari 5.0.6 is available via the Apple Software Update application, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Safari for Mac OS X v10.6.8 and later The download file is named: Safari5.1SnowLeopard.dmg Its SHA-1 digest is: 2c3cef8e06c5aa586379b1a5fd5cf7b54e8acc24
Safari for Mac OS X v10.5.8 The download file is named: Safari5.0.6Leopard.dmg Its SHA-1 digest is: ea970375d2116a7b74094a2a7669bebc306b6e6f
Safari for Windows 7, Vista or XP The download file is named: SafariSetup.exe Its SHA-1 digest is: d00b791c694b1ecfc22d6a1ec9aa21cc14fd8e36
Safari for Windows 7, Vista or XP from the Microsoft Choice Screen The download file is named: Safari_Setup.exe Its SHA-1 digest is: ccb3bb6b06468a430171d9f62708a1a6d917f45b
Safari+QuickTime for Windows 7, Vista or XP The file is named: SafariQuickTimeSetup.exe Its SHA-1 digest is: 1273e0ee742a294d65e4f25a9b3e36f79fb517c9
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin)
iQEcBAEBAgAGBQJOJI45AAoJEGnF2JsdZQeezHQIALKZms5tzYgYxUSdxmo+DmYw up9gAmEVcltZvCeVS1lUxfjqnRiGRSWyuou8Ynt9PfGQCz9GfLvzlrCHc5rsnKaD MeYY1IH7lQc6aqmV0hwb4nUL5qJntP6G5Ai0E/0UiRQNC/ummS+qnmdsiFo78ODY nKaB5cAWhqGHgOAPnUG0JwmxpYgR2HEtGYJSqlYykMwt1vnlAr5hHVNaUJcJ3Hlb vesN6fB7zQMiJVo8+iJBixCvIYlbII5HnVAmD1ToyKgENg4Iguo46YBMVr8DPgF/ KD2s0+VF/O4utYVX0GiRGReVyq1PMvz/HI23ym8U3LjbezXD/AALQET0Q2hUEYQ= =fOfF -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
A step-by-step discussion of the latest Flash Player 0-day exploit: http://secunia.com/blog/210
TITLE: Apple iOS Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA44207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44207
RELEASE DATE: 2011-04-16
DISCUSS ADVISORY: http://secunia.com/advisories/44207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/44207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=44207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Some vulnerabilities has been reported in Apple iOS, which can be exploited by malicious people to disclose system information and compromise a vulnerable device.
For more information: SA43832
SOLUTION: Upgrade to iOS 4.3.2 (downloadable and installable via iTunes).
ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4606
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201104-0256", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "iphone os", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "4.3.1" }, { "model": "iphone os", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "4.3.0" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.5.8" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.6 to v10.6.7" }, { "model": "mac os x server", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.5.8" }, { "model": "mac os x server", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.6 to v10.6.7" }, { "model": "ios", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "3.0 to 4.3.1 (iphone 3gs after )" }, { "model": "ios", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "3.1 to 4.3.1 (ipod touch (3rd generation) after )" }, { "model": "ios", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "3.2 to 4.3.1 (ipad for )" }, { "model": "ipad", "scope": null, "trust": 0.8, "vendor": "apple", "version": null }, { "model": "iphone", "scope": null, "trust": 0.8, "vendor": "apple", "version": null }, { "model": "ipod touch", "scope": null, "trust": 0.8, "vendor": "apple", "version": null }, { "model": "safari", "scope": null, "trust": 0.8, "vendor": "apple", "version": null }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.17" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.11" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.5" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "safari", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "5.0.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.6" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.1" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "linux enterprise sdk sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.539.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.529.0" }, { "model": "safari for windows", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "5.0.6" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.203" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.105" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.499.1" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "11.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.7" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.4" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.10" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.39" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.507.1" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.1" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.213" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.306" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.530.0" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.19" }, { "model": "freeflow print server 81.d0.73", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.11" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.208" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.507.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.18" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.10" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.15" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.12" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.0-68" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.5" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.2-77" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.225" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.8" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.20" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.535.2" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.514.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "9.0.597.107" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.219" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.14" }, { "model": "aura system platform sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.2.77" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.218" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.217" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.10" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.27" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.2" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.7" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2.27" }, { "model": "linux enterprise server sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.518.0" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.6" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2010.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.96" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.38" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.2" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.9" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.536.0" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.23" }, { "model": "freeflow print server 90.d3.06", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.3.0.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.11" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.4" }, { "model": "one-x client enablement service", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.209" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.226" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.37" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.10" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.3" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.4" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.531.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.26" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.8" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.17" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.13" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.0.33" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.216" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.344" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.512.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.5" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2010.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.200" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.2" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "seamonkey beta", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.02" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2009.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.537.0" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.68" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.513.0" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.4" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2.6" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1.0.102" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.2" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.3" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.23" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.303" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.506.0" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.3" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.2" }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.2" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2" }, { "model": "chrome", "scope": "ne", "trust": 0.3, "vendor": "google", "version": "10.0.648.127" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.18" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1.0-103" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "12.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.0.95" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.211" }, { "model": "voice portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.18" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.104" }, { "model": "enterprise linux desktop version", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.12" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.0-95" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2011" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.10" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.26" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.13" }, { "model": "system management homepage", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.511.4" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.15" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.10" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.503.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.521.0" }, { "model": "enterprise linux desktop client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.507.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.520.0" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.528.0" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.17" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "11.4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.35" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.215" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.0" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.31" }, { "model": "linux lts sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.9" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.10" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.5" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.498.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.16" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.302" }, { "model": "messaging storage server sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.310" }, { "model": "messaging storage server sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.515.0" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.12" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.34" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.1-73" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.499.0" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.14" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.13" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.13" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.511.2" }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.529.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.503.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.24" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.15" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.33" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.22" }, { "model": "linux enterprise server sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.202" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.12" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.4" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.16" }, { "model": "system management homepage b", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.2.77" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.507.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.36" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.42" }, { "model": "message networking sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.549.0" }, { "model": "seamonkey rc2", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.13" }, { "model": "firefox beta", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.63" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.64" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.207" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.3" }, { "model": "freeflow print server 82.d1.44", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura system manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "11.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.516.0" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.3" }, { "model": "messaging storage server sp3", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.1" }, { "model": "enterprise server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "5" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "ip office server edition", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2.5" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "linux x86 64 -current", "scope": null, "trust": 0.3, "vendor": "slackware", "version": null }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.522.0" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2010.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.3" }, { "model": "firefox", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "3.5.19" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "9.0.597.94" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.8" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.0" }, { "model": "enterprise linux hpc node optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.223" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.10" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.20" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.6" }, { "model": "freeflow print server 73.c5.11", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.6" }, { "model": "voice portal sp3", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1.1" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.0.15" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.531.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.536.4" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.3" }, { "model": "enterprise server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.28" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.3.9.3" }, { "model": "firefox", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "4.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.30" }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.6" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.5" }, { "model": "esx", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "4.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.551.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.19" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.301" }, { "model": "freeflow print server 93.c4.93", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.544.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.500.1" }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.14" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.4" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.7" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.21" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.222" }, { "model": "enterprise linux workstation optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.2" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2010.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.21" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.25" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.12" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.10" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2009.0" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.4" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "seamonkey beta", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.01" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "linux enterprise server sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.5" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.37" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.100" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.540.0" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.24" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.14" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.542.0" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.1" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.10" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6" }, { "model": "internet explorer", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "8" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.6" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.529.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.7" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.510.0" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "firefox beta", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.62" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.547.1" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.536.2" }, { "model": "safari for windows", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.9" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.9" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2011" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.13" }, { "model": "linux lts lpia", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.1" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.551.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.547.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.509.0" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.4" }, { "model": "aura presence services sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.40" }, { "model": "aura presence services sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "seamonkey alpha", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.03" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.2" }, { "model": "firefox", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "3.6.17" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.514.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.15" }, { "model": "communication server 1000m signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "safari beta", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.212" }, { "model": "messaging storage server sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "ipad", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "0" }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.29" }, { "model": "ios", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "4.3.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.206" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.8" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.8" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.2" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "firefox", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "4.0" }, { "model": "freeflow print server 93.e0.21c", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.19" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.5" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.11" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2.0-12" }, { "model": "linux x86 64", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.25" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.220" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.101" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.10" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2" }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.14" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.12" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.7" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "linux x86 64", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.0" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.511.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.531.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.20" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.300" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.535.1" }, { "model": "enterprise linux server optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.10" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.1.73" }, { "model": "seamonkey", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "2.0.14" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.541.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.221" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.536.1" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.524.0" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.102" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.16" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.17" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.307" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.4" }, { "model": "linux lts powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.2" }, { "model": "seamonkey rc1", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0" }, { "model": "linux enterprise sdk sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux x86 64", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.37" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.205" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.16" }, { "model": "mac os server", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "x10.6.8" }, { "model": "safari", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.204" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.1" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.1" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.8" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.526.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.21" }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.505.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.497.0" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "linux -current", "scope": null, "trust": 0.3, "vendor": "slackware", "version": null }, { "model": "aura system platform sp3", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "linux enterprise desktop sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.1" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.103" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.224" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.2" }, { "model": "linux lpia", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "seamonkey alpha", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.02" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.548.0" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "aura system platform sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "ip office server edition", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.0" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "enterprise linux desktop optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.308" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "9.0.597.84" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.210" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.550.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.525.0" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "enterprise linux hpc node", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "ios beta", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.500.0" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.309" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.214" }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1.0.103" }, { "model": "libxslt", "scope": "eq", "trust": 0.3, "vendor": "xmlsoft", "version": "1.1.18" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "0" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.1" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.3" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.7" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.0" }, { "model": "seamonkey alpha", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.01" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.201" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.11" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.32" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.22" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.43" }, { "model": "mac os", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "x10.6.8" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.504.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.44" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.1" }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.304" }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.11" }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.305" }, { "model": "enterprise linux desktop workstation client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.237" }, { "model": "linux enterprise desktop sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.41" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.3" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "freeflow print server 73.d2.33", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.16" }, { "model": "communication server 1000m signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.536.3" }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.538.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.519.0" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "messaging storage server sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" } ], "sources": [ { "db": "BID", "id": "47668" }, { "db": "JVNDB", "id": "JVNDB-2011-001529" }, { "db": "CNNVD", "id": "CNNVD-201104-159" }, { "db": "NVD", "id": "CVE-2011-0195" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:apple:mac_os_x", "vulnerable": true }, { "cpe22Uri": "cpe:/o:apple:mac_os_x_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:apple:iphone_os", "vulnerable": true }, { "cpe22Uri": "cpe:/h:apple:ipad", "vulnerable": true }, { "cpe22Uri": "cpe:/h:apple:iphone", "vulnerable": true }, { "cpe22Uri": "cpe:/h:apple:ipod_touch", "vulnerable": true }, { "cpe22Uri": "cpe:/a:apple:safari", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-001529" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Chris Evans", "sources": [ { "db": "BID", "id": "47668" } ], "trust": 0.3 }, "cve": "CVE-2011-0195", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2011-0195", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-48140", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2011-0195", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2011-0195", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-201104-159", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-48140", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-48140" }, { "db": "JVNDB", "id": "JVNDB-2011-001529" }, { "db": "CNNVD", "id": "CNNVD-201104-159" }, { "db": "NVD", "id": "CVE-2011-0195" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202. libxslt is prone to a remote information-disclosure vulnerability. \nAn attacker can exploit this issue to obtain sensitive information that may aid in further attacks. \nNOTE: This issue was previously discussed in BID 47635 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2011-12 through -18 Multiple Vulnerabilities) and BID 46785 (Google Chrome prior to 10.0.648.127 Multiple Security Vulnerabilities) but has been moved to its own record to better document it. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c03280632\nVersion: 1\n\nHPSBMU02764 SSRT100827 rev.1 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2012-04-16\nLast Updated: 2012-04-16\n\nPotential Security Impact: Remote cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. \n\nReferences: CVE-2009-0037, CVE-2010-0734, CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-0014, CVE-2011-0195, CVE-2011-0419, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1928, CVE-2011-1938, CVE-2011-1945, CVE-2011-2192, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3192, CVE-2011-3267, CVE-2011-3268, CVE-2011-3207, CVE-2011-3210, CVE-2011-3348, CVE-2011-3368, CVE-2011-3639, CVE-2011-3846, SSRT100376, CVE-2011-4317, CVE-2012-0135, SSRT100609, CVE-2012-1993, SSRT10043\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP System Management Homepage (SMH) before v7.0 running on Linux and Windows. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2009-0037 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2010-0734 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2010-1452 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2010-1623 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2010-2068 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2010-2791 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2010-3436 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2010-4409 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2010-4645 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2011-0014 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2011-0195 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2011-0419 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2011-1148 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2011-1153 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2011-1464 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2011-1467 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2011-1468 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2011-1470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2011-1471 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2011-1928 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2011-1938 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2011-1945 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6\nCVE-2011-2192 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2011-2202 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4\nCVE-2011-2483 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2011-3182 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2011-3189 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2011-3192 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2011-3267 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2011-3268 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2011-3207 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2011-3210 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2011-3348 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2011-3368 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2011-3639 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2011-3846 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2011-4317 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2012-0135 (AV:N/AC:M/Au:S/C:N/I:N/A:P) 3.5\nCVE-2012-1993 (AV:L/AC:L/Au:S/C:P/I:P/A:N) 3.2\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nThe Hewlett-Packard Company thanks Sow Ching Shiong coordinating with Secunia for reporting CVE-2011-3846 to security-alert@hp.com. \n\nRESOLUTION\n\nHP has provided HP System Management Homepage v7.0 or subsequent to resolve the vulnerabilities. \n\nSMH v7.0 is available here: http://h18000.www1.hp.com/products/servers/management/agents/index.html\n\nHISTORY\nVersion:1 (rev.1) 16 April 2012 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in the title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2012 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAk+MKDYACgkQ4B86/C0qfVkIIgCeIhDxobSe39v5hyk0GRrO6Zaw\nOHIAoMmRE1imNBs6CtS/6/l1kZY3fwop\n=hsl/\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6\n\nSafari 5.1 and Safari 5.0.6 are now available and address the\nfollowing:\n\nCFNetwork\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: In certain situations, Safari may treat a file as HTML,\neven if it is served with the \u0027text/plain\u0027 content type. This may\nlead to a cross-site scripting attack on sites that allow untrusted\nusers to post text files. This issue is addressed through improved\nhandling of \u0027text/plain\u0027 content. \nCVE-ID\nCVE-2010-1420 : Hidetake Jo working with Microsoft Vulnerability\nResearch (MSVR), Neal Poole of Matasano Security\n\nCFNetwork\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Authenticating to a maliciously crafted website may lead to\narbitrary code execution\nDescription: The NTLM authentication protocol is susceptible to a\nreplay attack referred to as credential reflection. Authenticating to\na maliciously crafted website may lead to arbitrary code execution. \nTo mitigate this issue, Safari has been updated to utilize protection\nmechanisms recently added to Windows. This issue does not affect Mac\nOS X systems. \nCVE-ID\nCVE-2010-1383 : Takehiro Takahashi of IBM X-Force Research\n\nCFNetwork\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: A root certificate that is disabled may still be trusted\nDescription: CFNetwork did not properly validate that a certificate\nwas trusted for use by a SSL server. As a result, if the user had\nmarked a system root certificate as not trusted, Safari would still\naccept certificates signed by that root. This issue is addressed\nthrough improved certificate validation. This issue does not affect\nMac OS X systems. \nCVE-ID\nCVE-2011-0214 : An anonymous reporter\n\nColorSync\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted image with an embedded\nColorSync profile may lead to an unexpected application termination\nor arbitrary code execution\nDescription: An integer overflow existed in the handling of images\nwith an embedded ColorSync profile, which may lead to a heap buffer\noverflow. Opening a maliciously crafted image with an embedded\nColorSync profile may lead to an unexpected application termination\nor arbitrary code execution. For Mac OS X v10.5 systems, this issue\nis addressed in Security Update 2011-004. \nCVE-ID\nCVE-2011-0200 : binaryproof working with TippingPoint\u0027s Zero Day\nInitiative\n\nCoreFoundation\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Applications that use the CoreFoundation framework may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription: An off-by-one buffer overflow issue existed in the\nhandling of CFStrings. Applications that use the CoreFoundation\nframework may be vulnerable to an unexpected application termination\nor arbitrary code execution. For Mac OS X v10.6 systems, this issue\nis addressed in Mac OS X v10.6.8. \nCVE-ID\nCVE-2011-0201 : Harry Sintonen\n\nCoreGraphics\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An integer overflow issue existed in the handling of\nType 1 fonts. Viewing or downloading a document containing a\nmaliciously crafted embedded font may lead to arbitrary code\nexecution. For Mac OS X v10.6 systems, this issue is addressed in Mac\nOS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in\nSecurity Update 2011-004. \nCVE-ID\nCVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert\nof the Google Security Team\n\nInternational Components for Unicode\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Applications that use ICU may be vulnerable to an unexpected\napplication termination or arbitrary code execution\nDescription: A buffer overflow issue existed in ICU\u0027s handling of\nuppercase strings. Applications that use ICU may be vulnerable to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nCVE-ID\nCVE-2011-0206 : David Bienvenu of Mozilla\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nFor Mac OS X v10.5 systems, this issue is addressed in Security\nUpdate 2011-004. \nCVE-ID\nCVE-2011-0204 : Dominic Chell of NGS Secure\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nCCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF\nimage may lead to an unexpected application termination or arbitrary\ncode execution. \nCVE-ID\nCVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A reentrancy issue existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. This\nissue does not affect Mac OS X systems. \nCVE-ID\nCVE-2011-0215 : Juan Pablo Lopez Yacubian working with iDefense VCP\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nFor Mac OS X v10.5 systems, this issue is addressed in Security\nUpdate 2011-004. \nCVE-ID\nCVE-2011-0204 : Dominic Chell of NGS Secure\n\nlibxslt\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of addresses on the heap\nDescription: libxslt\u0027s implementation of the generate-id() XPath\nfunction disclosed the address of a heap buffer. Visiting a\nmaliciously crafted website may lead to the disclosure of addresses\non the heap. This issue is addressed by generating an ID based on the\ndifference between the addresses of two heap buffers. For Mac OS X\nv10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac\nOS X v10.5 systems, this issue is addressed in Security Update\n2011-004. \nCVE-ID\nCVE-2011-0195 : Chris Evans of the Google Chrome Security Team\n\nlibxml\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A one-byte heap buffer overflow existed in libxml\u0027s\nhandling of XML data. Visiting a maliciously crafted website may lead\nto an unexpected application termination or arbitrary code execution. \nCVE-ID\nCVE-2011-0216 : Billy Rios of the Google Security Team\n\nSafari\nAvailable for: Mac OS X v10.6.8 or later,\nMac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later\nImpact: If the \"AutoFill web forms\" feature is enabled, visiting a\nmaliciously crafted website and typing may lead to the disclosure of\ninformation from the user\u0027s Address Book\nDescription: Safari\u0027s \"AutoFill web forms\" feature filled in non-\nvisible form fields, and the information was accessible by scripts on\nthe site before the user submitted the form. This issue is addressed\nby displaying all fields that will be filled, and requiring the\nuser\u0027s consent before AutoFill information is available to the form. \nCVE-ID\nCVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah\nGrossman]\n\nSafari\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: With a certain Java configuration, visiting a malicious\nwebsite may lead to unexpected text being displayed on other sites\nDescription: A cross origin issue existed in the handling of Java\nApplets. This applies when Java is enabled in Safari, and Java is\nconfigured to run within the browser process. Fonts loaded by a Java\napplet could affect the display of text content from other sites. \nThis issue is addressed by running Java applets in a separate\nprocess. \nCVE-ID\nCVE-2011-0219 : Joshua Smith of Kaon Interactive\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nVisiting a maliciously crafted website may lead to an unexpected\napplication termination or arbitrary code execution. \nCVE-ID\nCVE-2010-1823 : David Weston of Microsoft and Microsoft Vulnerability\nResearch (MSVR), wushi of team509, and Yong Li of Research In Motion\nLtd\nCVE-2011-0164 : Apple\nCVE-2011-0218 : SkyLined of Google Chrome Security Team\nCVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS\nResearch Team, and Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0223 : Jose A. Vazquez of spa-s3c.blogspot.com working with\niDefense VCP\nCVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0232 : J23 working with TippingPoint\u0027s Zero Day Initiative\nCVE-2011-0233 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-0234 : Rob King working with TippingPoint\u0027s Zero Day\nInitiative, wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative, wushi of team509 working with iDefense VCP\nCVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0237 : wushi of team509 working with iDefense VCP\nCVE-2011-0238 : Adam Barth of Google Chrome Security Team\nCVE-2011-0240 : wushi of team509 working with iDefense VCP\nCVE-2011-0253 : Richard Keen\nCVE-2011-0254 : An anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0255 : An anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc\nCVE-2011-0983 : Martin Barbella\nCVE-2011-1109 : Sergey Glazunov\nCVE-2011-1114 : Martin Barbella\nCVE-2011-1115 : Martin Barbella\nCVE-2011-1117 : wushi of team509\nCVE-2011-1121 : miaubiz\nCVE-2011-1188 : Martin Barbella\nCVE-2011-1203 : Sergey Glazunov\nCVE-2011-1204 : Sergey Glazunov\nCVE-2011-1288 : Andreas Kling of Nokia\nCVE-2011-1293 : Sergey Glazunov\nCVE-2011-1296 : Sergey Glazunov\nCVE-2011-1449 : Marek Majkowski, wushi of team 509 working with\niDefense VCP\nCVE-2011-1451 : Sergey Glazunov\nCVE-2011-1453 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-1457 : John Knottenbelt of Google\nCVE-2011-1462 : wushi of team509\nCVE-2011-1797 : wushi of team509\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: A configuration issue existed in WebKit\u0027s use of\nlibxslt. Visiting a maliciously crafted website may lead to arbitrary\nfiles being created with the privileges of the user, which may lead\nto arbitrary code execution. This issue is addressed through improved\nlibxslt security settings. \nCVE-ID\nCVE-2011-1774 : Nicolas Gregoire of Agarri\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\ninformation disclosure\nDescription: A cross-origin issue existed in the handling of Web\nWorkers. Visiting a maliciously crafted website may lead to an\ninformation disclosure. \nCVE-ID\nCVE-2011-1190 : Daniel Divricean of divricean.ro\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-origin issue existed in the handling of URLs\nwith an embedded username. Visiting a maliciously crafted website may\nlead to a cross-site scripting attack. This issue is addressed\nthrough improved handling of URLs with an embedded username. \nCVE-ID\nCVE-2011-0242 : Jobert Abma of Online24\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-origin issue existed in the handling of DOM\nnodes. Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack. \nCVE-ID\nCVE-2011-1295 : Sergey Glazunov\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: A maliciously crafted website may be able to cause a\ndifferent URL to be shown in the address bar\nDescription: A URL spoofing issue existed in the handling of the DOM\nhistory object. A maliciously crafted website may have been able to\ncause a different URL to be shown in the address bar. \nCVE-ID\nCVE-2011-1107 : Jordi Chancel\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Subscribing to a maliciously crafted RSS feed and clicking\non a link within it may lead to an information disclosure\nDescription: A canonicalization issue existed in the handling of\nURLs. Subscribing to a maliciously crafted RSS feed and clicking on a\nlink within it may lead to arbitrary files being sent from the user\u0027s\nsystem to a remote server. This update addresses the issue through\nimproved handling of URLs. \nCVE-ID\nCVE-2011-0244 : Jason Hullinger\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Applications that use WebKit, such as mail clients, may\nconnect to an arbitrary DNS server upon processing HTML content\nDescription: DNS prefetching was enabled by default in WebKit. \nApplications that use WebKit, such a s mail clients, may connect to\nan arbitrary DNS server upon processing HTML content. This update\naddresses the issue by requiring applications to opt in to DNS\nprefetching. \nCVE-ID\nCVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd. \n\n\nNote: Safari 5.1 is included with OS X Lion. \n\n\nSafari 5.1 and Safari 5.0.6 address the same set of security\nissues. Safari 5.1 is provided for Mac OS X v10.6,\nand Windows systems. Safari 5.0.6 is provided for\nMac OS X v10.5 systems. \n\nSafari 5.1 is available via the Apple Software Update\napplication, or Apple\u0027s Safari download site at:\nhttp://www.apple.com/safari/download/\n\nSafari 5.0.6 is available via the Apple Software Update\napplication, or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nSafari for Mac OS X v10.6.8 and later\nThe download file is named: Safari5.1SnowLeopard.dmg\nIts SHA-1 digest is: 2c3cef8e06c5aa586379b1a5fd5cf7b54e8acc24\n\nSafari for Mac OS X v10.5.8\nThe download file is named: Safari5.0.6Leopard.dmg\nIts SHA-1 digest is: ea970375d2116a7b74094a2a7669bebc306b6e6f\n\nSafari for Windows 7, Vista or XP\nThe download file is named: SafariSetup.exe\nIts SHA-1 digest is: d00b791c694b1ecfc22d6a1ec9aa21cc14fd8e36\n\nSafari for Windows 7, Vista or XP from the Microsoft Choice Screen\nThe download file is named: Safari_Setup.exe\nIts SHA-1 digest is: ccb3bb6b06468a430171d9f62708a1a6d917f45b\n\nSafari+QuickTime for Windows 7, Vista or XP\nThe file is named: SafariQuickTimeSetup.exe\nIts SHA-1 digest is: 1273e0ee742a294d65e4f25a9b3e36f79fb517c9\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.9 (Darwin)\n\niQEcBAEBAgAGBQJOJI45AAoJEGnF2JsdZQeezHQIALKZms5tzYgYxUSdxmo+DmYw\nup9gAmEVcltZvCeVS1lUxfjqnRiGRSWyuou8Ynt9PfGQCz9GfLvzlrCHc5rsnKaD\nMeYY1IH7lQc6aqmV0hwb4nUL5qJntP6G5Ai0E/0UiRQNC/ummS+qnmdsiFo78ODY\nnKaB5cAWhqGHgOAPnUG0JwmxpYgR2HEtGYJSqlYykMwt1vnlAr5hHVNaUJcJ3Hlb\nvesN6fB7zQMiJVo8+iJBixCvIYlbII5HnVAmD1ToyKgENg4Iguo46YBMVr8DPgF/\nKD2s0+VF/O4utYVX0GiRGReVyq1PMvz/HI23ym8U3LjbezXD/AALQET0Q2hUEYQ=\n=fOfF\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\n\nA step-by-step discussion of the latest Flash Player 0-day exploit:\nhttp://secunia.com/blog/210\n\n\n----------------------------------------------------------------------\n\nTITLE:\nApple iOS Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA44207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/44207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44207\n\nRELEASE DATE:\n2011-04-16\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/44207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/44207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nSome vulnerabilities has been reported in Apple iOS, which can be\nexploited by malicious people to disclose system information and\ncompromise a vulnerable device. \n\nFor more information:\nSA43832\n\nSOLUTION:\nUpgrade to iOS 4.3.2 (downloadable and installable via iTunes). \n\nORIGINAL ADVISORY:\nApple:\nhttp://support.apple.com/kb/HT4606\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2011-0195" }, { "db": "JVNDB", "id": "JVNDB-2011-001529" }, { "db": "BID", "id": "47668" }, { "db": "VULHUB", "id": "VHN-48140" }, { "db": "PACKETSTORM", "id": "111915" }, { "db": "PACKETSTORM", "id": "103216" }, { "db": "PACKETSTORM", "id": "112043" }, { "db": "PACKETSTORM", "id": "100492" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2011-0195", "trust": 3.1 }, { "db": "SECTRACK", "id": "1025365", "trust": 1.9 }, { "db": "JVNDB", "id": "JVNDB-2011-001529", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201104-159", "trust": 0.7 }, { "db": "SECUNIA", "id": "44207", "trust": 0.7 }, { "db": "APPLE", "id": "APPLE-SA-2011-04-14-1", "trust": 0.6 }, { "db": "BID", "id": "47668", "trust": 0.3 }, { "db": "VULHUB", "id": "VHN-48140", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "111915", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "103216", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "112043", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "100492", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-48140" }, { "db": "BID", "id": "47668" }, { "db": "JVNDB", "id": "JVNDB-2011-001529" }, { "db": "PACKETSTORM", "id": "111915" }, { "db": "PACKETSTORM", "id": "103216" }, { "db": "PACKETSTORM", "id": "112043" }, { "db": "PACKETSTORM", "id": "100492" }, { "db": "CNNVD", "id": "CNNVD-201104-159" }, { "db": "NVD", "id": "CVE-2011-0195" } ] }, "id": "VAR-201104-0256", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-48140" } ], "trust": 0.01 }, "last_update_date": "2024-11-23T20:05:13.362000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "HT4606", "trust": 0.8, "url": "http://support.apple.com/kb/HT4606" }, { "title": "HT4723", "trust": 0.8, "url": "http://support.apple.com/kb/HT4723" }, { "title": "HT4808", "trust": 0.8, "url": "http://support.apple.com/kb/HT4808" }, { "title": "HT4606", "trust": 0.8, "url": "http://support.apple.com/kb/HT4606?viewlocale=ja_JP" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-001529" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-200", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-48140" }, { "db": "JVNDB", "id": "JVNDB-2011-001529" }, { "db": "NVD", "id": "CVE-2011-0195" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "http://www.securitytracker.com/id?1025365" }, { "trust": 1.7, "url": "http://lists.apple.com/archives/security-announce/2011//apr/msg00000.html" }, { "trust": 1.1, "url": "http://lists.apple.com/archives/security-announce/2011//jun/msg00000.html" }, { "trust": 1.1, "url": "http://lists.apple.com/archives/security-announce/2011//jul/msg00002.html" }, { "trust": 1.1, "url": "http://support.apple.com/kb/ht4723" }, { "trust": 1.1, "url": "http://support.apple.com/kb/ht4808" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0195" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu976710" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu781747" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu805814" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0195" }, { "trust": 0.6, "url": "http://secunia.com/advisories/44207" }, { "trust": 0.3, "url": "http://www.apple.com/safari/" }, { "trust": 0.3, "url": "http://git.gnome.org/browse/libxslt/commit/?id=ecb6bcb8d1b7e44842edde3929f412d46b40c89f" }, { "trust": 0.3, "url": "http://www.google.com/chrome" }, { "trust": 0.3, "url": "http://www.microsoft.com/windows/ie/" }, { "trust": 0.3, "url": "http://xmlsoft.org/xslt/" }, { "trust": 0.3, "url": "http://www.mozilla.com/en-us/" }, { "trust": 0.3, "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-18.html" }, { "trust": 0.3, "url": "http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html" }, { "trust": 0.3, "url": "http://www.mozilla.org/projects/seamonkey/" }, { "trust": 0.3, "url": "http://support.avaya.com/css/p8/documents/100144158" }, { "trust": 0.3, "url": "https://downloads.avaya.com/css/p8/documents/100167733" }, { "trust": 0.3, "url": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html" }, { "trust": 0.3, "url": "http://www.mandriva.com/en/support/security/advisories/?dis=2010.1\u0026name=mdvsa-2011:079" }, { "trust": 0.3, "url": "http://www.vmware.com/security/advisories/vmsa-2013-0001.html" }, { "trust": 0.3, "url": "http://www.xerox.com/download/security/security-bulletin/10be6-4f72fbafb1868/cert_xrx14-002_v1.0.pdf" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0195" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1623" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4409" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1468" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1148" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3182" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3192" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1467" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1471" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1452" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0734" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1470" }, { "trust": 0.2, "url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.2, "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2202" }, { "trust": 0.2, "url": "http://h18000.www1.hp.com/products/servers/management/agents/index.html" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4645" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0419" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1945" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2068" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1928" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1938" }, { "trust": 0.2, "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3436" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2483" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0014" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1464" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1153" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0037" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2192" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2791" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3189" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1420" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0206" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0235" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0240" }, { "trust": 0.1, "url": "http://support.apple.com/kb/ht1222" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0237" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0200" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0214" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0238" }, { "trust": 0.1, "url": "http://www.apple.com/support/downloads/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0201" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0233" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0219" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0234" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0223" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0202" }, { "trust": 0.1, "url": "https://www.apple.com/support/security/pgp/" }, { "trust": 0.1, "url": "http://www.apple.com/safari/download/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0215" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0217" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0204" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0222" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0164" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0221" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0216" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0218" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1383" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0225" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3829" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0232" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1823" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44207" }, { "trust": 0.1, "url": "http://secunia.com/advisories/44207/" }, { "trust": 0.1, "url": "http://secunia.com/products/corporate/evm/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/44207/#comments" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/blog/210" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://support.apple.com/kb/ht4606" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-48140" }, { "db": "BID", "id": "47668" }, { "db": "JVNDB", "id": "JVNDB-2011-001529" }, { "db": "PACKETSTORM", "id": "111915" }, { "db": "PACKETSTORM", "id": "103216" }, { "db": "PACKETSTORM", "id": "112043" }, { "db": "PACKETSTORM", "id": "100492" }, { "db": "CNNVD", "id": "CNNVD-201104-159" }, { "db": "NVD", "id": "CVE-2011-0195" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-48140" }, { "db": "BID", "id": "47668" }, { "db": "JVNDB", "id": "JVNDB-2011-001529" }, { "db": "PACKETSTORM", "id": "111915" }, { "db": "PACKETSTORM", "id": "103216" }, { "db": "PACKETSTORM", "id": "112043" }, { "db": "PACKETSTORM", "id": "100492" }, { "db": "CNNVD", "id": "CNNVD-201104-159" }, { "db": "NVD", "id": "CVE-2011-0195" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-04-15T00:00:00", "db": "VULHUB", "id": "VHN-48140" }, { "date": "2011-03-08T00:00:00", "db": "BID", "id": "47668" }, { "date": "2011-05-10T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-001529" }, { "date": "2012-04-17T20:34:39", "db": "PACKETSTORM", "id": "111915" }, { "date": "2011-07-21T14:16:35", "db": "PACKETSTORM", "id": "103216" }, { "date": "2012-04-20T20:15:33", "db": "PACKETSTORM", "id": "112043" }, { "date": "2011-04-17T06:25:10", "db": "PACKETSTORM", "id": "100492" }, { "date": "2011-04-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201104-159" }, { "date": "2011-04-15T19:55:00.653000", "db": "NVD", "id": "CVE-2011-0195" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-07-23T00:00:00", "db": "VULHUB", "id": "VHN-48140" }, { "date": "2015-04-13T21:25:00", "db": "BID", "id": "47668" }, { "date": "2011-07-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-001529" }, { "date": "2011-04-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201104-159" }, { "date": "2024-11-21T01:23:31.187000", "db": "NVD", "id": "CVE-2011-0195" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201104-159" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apple iOS of generate-id XPath Vulnerabilities that capture important information on functions", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-001529" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-201104-159" } ], "trust": 0.6 } }
ghsa-jh8p-g678-fj3r
Vulnerability from github
The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202.
{ "affected": [], "aliases": [ "CVE-2011-0195" ], "database_specific": { "cwe_ids": [ "CWE-200" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2011-04-15T19:55:00Z", "severity": "MODERATE" }, "details": "The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202.", "id": "GHSA-jh8p-g678-fj3r", "modified": "2022-05-17T05:40:14Z", "published": "2022-05-17T05:40:14Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0195" }, { "type": "WEB", "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html" }, { "type": "WEB", "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" }, { "type": "WEB", "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html" }, { "type": "WEB", "url": "http://support.apple.com/kb/HT4723" }, { "type": "WEB", "url": "http://support.apple.com/kb/HT4808" }, { "type": "WEB", "url": "http://www.securitytracker.com/id?1025365" } ], "schema_version": "1.4.0", "severity": [] }
gsd-2011-0195
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2011-0195", "description": "The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202.", "id": "GSD-2011-0195", "references": [ "https://www.suse.com/security/cve/CVE-2011-0195.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2011-0195" ], "details": "The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202.", "id": "GSD-2011-0195", "modified": "2023-12-13T01:19:04.736719Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2011-0195", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.apple.com/kb/HT4723", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4723" }, { "name": "APPLE-SA-2011-06-23-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html" }, { "name": "1025365", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1025365" }, { "name": "http://support.apple.com/kb/HT4808", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4808" }, { "name": "APPLE-SA-2011-04-14-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html" }, { "name": "APPLE-SA-2011-07-20-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2011-0195" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-200" } ] } ] }, "references": { "reference_data": [ { "name": "APPLE-SA-2011-04-14-1", "refsource": "APPLE", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html" }, { "name": "1025365", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id?1025365" }, { "name": "http://support.apple.com/kb/HT4723", "refsource": "CONFIRM", "tags": [], "url": "http://support.apple.com/kb/HT4723" }, { "name": "APPLE-SA-2011-06-23-1", "refsource": "APPLE", "tags": [], "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html" }, { "name": "http://support.apple.com/kb/HT4808", "refsource": "CONFIRM", "tags": [], "url": "http://support.apple.com/kb/HT4808" }, { "name": "APPLE-SA-2011-07-20-1", "refsource": "APPLE", "tags": [], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true } }, "lastModifiedDate": "2011-07-23T02:39Z", "publishedDate": "2011-04-15T19:55Z" } } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.