Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    902 vulnerabilities by wordpress

    CVE-2020-37233 (GCVE-0-2020-37233)

    Vulnerability from nvd – Published: 2026-05-16 15:25 – Updated: 2026-05-24 01:36
    VLAI
    Title
    WordPress Plugin Buddypress 6.2.0 Persistent Cross-Site Scripting
    Summary
    WordPress Plugin Buddypress 6.2.0 contains a persistent cross-site scripting vulnerability that allows authenticated attackers with moderator privileges to inject malicious script code through the figure parameter in wp:html blocks. Attackers can inject iframe elements with event handlers like onload that execute when administrators or privileged users preview or view the affected page content, enabling session hijacking and persistent phishing attacks.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Wordpress Buddypress Affected: 6.2.0
    Create a notification for this product.
    Date Public
    2020-11-13 00:00
    Credits
    Vulnerability-Lab
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-37233",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-18T18:10:33.511497Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-18T18:11:08.583Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Buddypress",
              "vendor": "Wordpress",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.0"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:boonebgorges:buddypress_docs:6.2.0:*:*:*:*:*:*:*",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Vulnerability-Lab"
            }
          ],
          "datePublic": "2020-11-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WordPress Plugin Buddypress 6.2.0 contains a persistent cross-site scripting vulnerability that allows authenticated attackers with moderator privileges to inject malicious script code through the figure parameter in wp:html blocks. Attackers can inject iframe elements with event handlers like onload that execute when administrators or privileged users preview or view the affected page content, enabling session hijacking and persistent phishing attacks."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-24T01:36:56.209Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "ExploitDB-49061",
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/49061"
            },
            {
              "name": "Official Product Homepage",
              "tags": [
                "product"
              ],
              "url": "https://wordpress.org/plugins/buddypress/"
            },
            {
              "name": "VulnCheck Advisory: WordPress Plugin Buddypress 6.2.0 Persistent Cross-Site Scripting",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/wordpress-plugin-buddypress-persistent-cross-site-scripting"
            }
          ],
          "title": "WordPress Plugin Buddypress 6.2.0 Persistent Cross-Site Scripting",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2020-37233",
        "datePublished": "2026-05-16T15:25:50.542Z",
        "dateReserved": "2026-05-15T14:10:27.851Z",
        "dateUpdated": "2026-05-24T01:36:56.209Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-54333 (GCVE-0-2023-54333)

    Vulnerability from nvd – Published: 2026-01-13 22:56 – Updated: 2026-04-07 14:08
    VLAI
    Title
    Social-Share-Buttons 2.2.3 - SQL Injection via project_id Parameter
    Summary
    Social-Share-Buttons 2.2.3 contains a critical SQL injection vulnerability in the project_id parameter that allows attackers to manipulate database queries. Attackers can exploit this vulnerability by sending crafted POST requests with malicious SQL payloads to retrieve and potentially steal entire database contents.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Impacted products
    Date Public
    2023-03-28 00:00
    Credits
    nu11secur1ty
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-54333",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-14T15:45:37.123625Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-14T19:17:36.471Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Social-Share-Buttons",
              "vendor": "Wordpress",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2.3"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:artlosk:social_share_buttons:2.2.3:*:*:*:*:*:*:*",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "nu11secur1ty"
            }
          ],
          "datePublic": "2023-03-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Social-Share-Buttons 2.2.3 contains a critical SQL injection vulnerability in the project_id parameter that allows attackers to manipulate database queries. Attackers can exploit this vulnerability by sending crafted POST requests with malicious SQL payloads to retrieve and potentially steal entire database contents."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:08:21.617Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "ExploitDB-51116",
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/51116"
            },
            {
              "name": "WP Plugin Webpage",
              "tags": [
                "product"
              ],
              "url": "https://supsystic.com/plugins/social-share-plugin/"
            },
            {
              "name": "Vulnerability Research Repository",
              "tags": [
                "technical-description"
              ],
              "url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/WordPress/2022/Social-Share-Buttons-2.2.3"
            },
            {
              "name": "VulnCheck Advisory: Social-Share-Buttons 2.2.3 - SQL Injection via project_id Parameter",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/social-share-buttons-sql-injection-via-projectid-parameter"
            }
          ],
          "title": "Social-Share-Buttons 2.2.3 - SQL Injection via project_id Parameter",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2023-54333",
        "datePublished": "2026-01-13T22:56:45.964Z",
        "dateReserved": "2026-01-10T01:51:52.983Z",
        "dateUpdated": "2026-04-07T14:08:21.617Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-58674 (GCVE-0-2025-58674)

    Vulnerability from nvd – Published: 2025-09-23 18:47 – Updated: 2026-04-28 16:13 X_Open Source
    VLAI
    Title
    WordPress <= 6.8.2 - (Author+) Cross Site Scripting (XSS) Vulnerability
    Summary
    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordPress allows Stored XSS. WordPress core security team is aware of the issue and working on a fix. This is low severity vulnerability that requires an attacker to have Author or higher user privileges to execute the attack vector.This issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    WordPress WordPress Affected: 6.8 , ≤ 6.8.2 (custom)
    Affected: 6.7 , ≤ 6.7.3 (custom)
    Affected: 6.6 , ≤ 6.6.3 (custom)
    Affected: 6.5 , ≤ 6.5.6 (custom)
    Affected: 6.4 , ≤ 6.4.6 (custom)
    Affected: 6.3 , ≤ 6.3.6 (custom)
    Affected: 6.2 , ≤ 6.2.7 (custom)
    Affected: 6.1 , ≤ 6.1.8 (custom)
    Affected: 6.0 , ≤ 6.0.10 (custom)
    Affected: 5.9 , ≤ 5.9.11 (custom)
    Affected: 5.8 , ≤ 5.8.11 (custom)
    Affected: 5.7 , ≤ 5.7.13 (custom)
    Affected: 5.6 , ≤ 5.6.15 (custom)
    Affected: 5.5 , ≤ 5.5.16 (custom)
    Affected: 5.4 , ≤ 5.4.17 (custom)
    Affected: 5.3 , ≤ 5.3.19 (custom)
    Affected: 5.2 , ≤ 5.2.22 (custom)
    Affected: 5.1 , ≤ 5.1.20 (custom)
    Affected: 5.0 , ≤ 5.0.23 (custom)
    Affected: 4.9 , ≤ 4.9.27 (custom)
    Affected: 4.8 , ≤ 4.8.26 (custom)
    Affected: 4.7 , ≤ 4.7.30 (custom)
    Create a notification for this product.
    Credits
    savphill (Patchstack Bug Bounty Program) John Blackbourn (WordPress core security team lead)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-58674",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-23T19:15:09.886956Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-23T19:17:35.099Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WordPress",
              "repo": "https://github.com/WordPress/WordPress",
              "vendor": "WordPress",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.8.3",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.8.2",
                  "status": "affected",
                  "version": "6.8",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.7.4",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.7.3",
                  "status": "affected",
                  "version": "6.7",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.6.4",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.6.3",
                  "status": "affected",
                  "version": "6.6",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.5.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.5.6",
                  "status": "affected",
                  "version": "6.5",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.4.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.4.6",
                  "status": "affected",
                  "version": "6.4",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.3.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.3.6",
                  "status": "affected",
                  "version": "6.3",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.2.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.2.7",
                  "status": "affected",
                  "version": "6.2",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.1.9",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.1.8",
                  "status": "affected",
                  "version": "6.1",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.0.11",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.0.10",
                  "status": "affected",
                  "version": "6.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.9.12",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.9.11",
                  "status": "affected",
                  "version": "5.9",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.8.12",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.8.11",
                  "status": "affected",
                  "version": "5.8",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.7.14",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.7.13",
                  "status": "affected",
                  "version": "5.7",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.6.16",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.6.15",
                  "status": "affected",
                  "version": "5.6",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.5.17",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.5.16",
                  "status": "affected",
                  "version": "5.5",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.4.18",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.4.17",
                  "status": "affected",
                  "version": "5.4",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.3.20",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.3.19",
                  "status": "affected",
                  "version": "5.3",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.2.23",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.2.22",
                  "status": "affected",
                  "version": "5.2",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.1.21",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.1.20",
                  "status": "affected",
                  "version": "5.1",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.0.24",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.0.23",
                  "status": "affected",
                  "version": "5.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "4.9.28",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.9.27",
                  "status": "affected",
                  "version": "4.9",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "4.8.27",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.8.26",
                  "status": "affected",
                  "version": "4.8",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "4.7.31",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.7.30",
                  "status": "affected",
                  "version": "4.7",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "savphill (Patchstack Bug Bounty Program)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "John Blackbourn (WordPress core security team lead)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eImproper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in WordPress allows Stored XSS. WordPress core security team is aware of the issue and working on a fix. This is low severity vulnerability that requires an attacker to have Author or higher user privileges to execute the attack vector.\u003c/span\u003e\u003cp\u003eThis issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.\u003c/p\u003e"
                }
              ],
              "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in WordPress allows Stored XSS. WordPress core security team is aware of the issue and working on a fix. This is low severity vulnerability that requires an attacker to have Author or higher user privileges to execute the attack vector.This issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-592 Stored XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:13:46.266Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/wordpress/wordpress/wordpress/vulnerability/wordpress-wordpress-wordpress-6-8-2-cross-site-scripting-xss-vulnerability?_s_id=cve"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://wordpress.org/news/2025/09/wordpress-6-8-3-release/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update WordPress to one of the following patched or higher versions: 6.8.3, 6.7.4, 6.6.4, 6.5.7, 6.4.7, 6.3.7, 6.2.8, 6.1.9, 6.0.11, 5.9.12, 5.8.12, 5.7.14, 5.6.16, 5.5.17, 5.4.18, 5.3.20, 5.2.23, 5.1.21, 5.0.24, 4.9.28, 4.8.27, or 4.7.31."
                }
              ],
              "value": "Update WordPress to one of the following patched or higher versions: 6.8.3, 6.7.4, 6.6.4, 6.5.7, 6.4.7, 6.3.7, 6.2.8, 6.1.9, 6.0.11, 5.9.12, 5.8.12, 5.7.14, 5.6.16, 5.5.17, 5.4.18, 5.3.20, 5.2.23, 5.1.21, 5.0.24, 4.9.28, 4.8.27, or 4.7.31."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "tags": [
            "x_open-source"
          ],
          "title": "WordPress \u003c= 6.8.2 - (Author+) Cross Site Scripting (XSS) Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2025-58674",
        "datePublished": "2025-09-23T18:47:02.628Z",
        "dateReserved": "2025-09-03T09:03:46.831Z",
        "dateUpdated": "2026-04-28T16:13:46.266Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-58246 (GCVE-0-2025-58246)

    Vulnerability from nvd – Published: 2025-09-23 17:17 – Updated: 2026-04-28 16:13 X_Open Source
    VLAI
    Title
    WordPress <= 6.8.2 - (Contributor+) Sensitive Data Exposure Vulnerability
    Summary
    Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to exploit it. This issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-201 - Insertion of Sensitive Information Into Sent Data
    Assigner
    Impacted products
    Vendor Product Version
    WordPress WordPress Affected: 6.8 , ≤ 6.8.2 (custom)
    Affected: 6.7 , ≤ 6.7.3 (custom)
    Affected: 6.6 , ≤ 6.6.3 (custom)
    Affected: 6.5 , ≤ 6.5.6 (custom)
    Affected: 6.4 , ≤ 6.4.6 (custom)
    Affected: 6.3 , ≤ 6.3.6 (custom)
    Affected: 6.2 , ≤ 6.2.7 (custom)
    Affected: 6.1 , ≤ 6.1.8 (custom)
    Affected: 6.0 , ≤ 6.0.10 (custom)
    Affected: 5.9 , ≤ 5.9.11 (custom)
    Affected: 5.8 , ≤ 5.8.11 (custom)
    Affected: 5.7 , ≤ 5.7.13 (custom)
    Affected: 5.6 , ≤ 5.6.15 (custom)
    Affected: 5.5 , ≤ 5.5.16 (custom)
    Affected: 5.4 , ≤ 5.4.17 (custom)
    Affected: 5.3 , ≤ 5.3.19 (custom)
    Affected: 5.2 , ≤ 5.2.22 (custom)
    Affected: 5.1 , ≤ 5.1.20 (custom)
    Affected: 5.0 , ≤ 5.0.23 (custom)
    Affected: 4.9 , ≤ 4.9.27 (custom)
    Affected: 4.8 , ≤ 4.8.26 (custom)
    Affected: 4.7 , ≤ 4.7.30 (custom)
    Create a notification for this product.
    Credits
    Abu Hurayra (Patchstack Bug Bounty Program) John Blackbourn (WordPress core security team lead) Timothy Jacobs Peter Wilson Mike Nelson
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-58246",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-23T18:30:39.501670Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-23T18:37:38.153Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WordPress",
              "repo": "https://github.com/WordPress/WordPress",
              "vendor": "WordPress",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.8.3",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.8.2",
                  "status": "affected",
                  "version": "6.8",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.7.4",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.7.3",
                  "status": "affected",
                  "version": "6.7",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.6.4",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.6.3",
                  "status": "affected",
                  "version": "6.6",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.5.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.5.6",
                  "status": "affected",
                  "version": "6.5",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.4.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.4.6",
                  "status": "affected",
                  "version": "6.4",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.3.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.3.6",
                  "status": "affected",
                  "version": "6.3",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.2.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.2.7",
                  "status": "affected",
                  "version": "6.2",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.1.9",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.1.8",
                  "status": "affected",
                  "version": "6.1",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.0.11",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.0.10",
                  "status": "affected",
                  "version": "6.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.9.12",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.9.11",
                  "status": "affected",
                  "version": "5.9",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.8.12",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.8.11",
                  "status": "affected",
                  "version": "5.8",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.7.14",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.7.13",
                  "status": "affected",
                  "version": "5.7",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.6.16",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.6.15",
                  "status": "affected",
                  "version": "5.6",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.5.17",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.5.16",
                  "status": "affected",
                  "version": "5.5",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.4.18",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.4.17",
                  "status": "affected",
                  "version": "5.4",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.3.20",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.3.19",
                  "status": "affected",
                  "version": "5.3",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.2.23",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.2.22",
                  "status": "affected",
                  "version": "5.2",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.1.21",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.1.20",
                  "status": "affected",
                  "version": "5.1",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.0.24",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.0.23",
                  "status": "affected",
                  "version": "5.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "4.9.28",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.9.27",
                  "status": "affected",
                  "version": "4.9",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "4.8.27",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.8.26",
                  "status": "affected",
                  "version": "4.8",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "4.7.31",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.7.30",
                  "status": "affected",
                  "version": "4.7",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Abu Hurayra (Patchstack Bug Bounty Program)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "John Blackbourn (WordPress core security team lead)"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Timothy Jacobs"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Peter Wilson"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Mike Nelson"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to exploit it.\u003c/span\u003e\u003cbr\u003e\u003cp\u003eThis issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.\u003c/p\u003e"
                }
              ],
              "value": "Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to exploit it.\nThis issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-37",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-201",
                  "description": "CWE-201 Insertion of Sensitive Information Into Sent Data",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:13:42.821Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/wordpress/wordpress/wordpress/vulnerability/wordpress-wordpress-wordpress-6-8-2-sensitive-data-exposure-vulnerability?_s_id=cve"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://wordpress.org/news/2025/09/wordpress-6-8-3-release/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update WordPress to one of the following patched or higher versions: 6.8.3, 6.7.4, 6.6.4, 6.5.7, 6.4.7, 6.3.7, 6.2.8, 6.1.9, 6.0.11, 5.9.12, 5.8.12, 5.7.14, 5.6.16, 5.5.17, 5.4.18, 5.3.20, 5.2.23, 5.1.21, 5.0.24, 4.9.28, 4.8.27, or 4.7.31."
                }
              ],
              "value": "Update WordPress to one of the following patched or higher versions: 6.8.3, 6.7.4, 6.6.4, 6.5.7, 6.4.7, 6.3.7, 6.2.8, 6.1.9, 6.0.11, 5.9.12, 5.8.12, 5.7.14, 5.6.16, 5.5.17, 5.4.18, 5.3.20, 5.2.23, 5.1.21, 5.0.24, 4.9.28, 4.8.27, or 4.7.31."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "tags": [
            "x_open-source"
          ],
          "title": "WordPress \u003c= 6.8.2 - (Contributor+) Sensitive Data Exposure Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2025-58246",
        "datePublished": "2025-09-23T17:17:12.399Z",
        "dateReserved": "2025-08-27T16:19:44.959Z",
        "dateUpdated": "2026-04-28T16:13:42.821Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-54352 (GCVE-0-2025-54352)

    Vulnerability from nvd – Published: 2025-07-21 00:00 – Updated: 2025-07-21 18:15
    VLAI
    Summary
    WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-669 - Incorrect Resource Transfer Between Spheres
    Assigner
    Impacted products
    Vendor Product Version
    WordPress WordPress Affected: 3.5 , ≤ 6.8.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-54352",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-21T18:14:44.588087Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-21T18:15:20.785Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "WordPress",
              "vendor": "WordPress",
              "versions": [
                {
                  "lessThanOrEqual": "6.8.2",
                  "status": "affected",
                  "version": "3.5",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "6.8.2",
                      "versionStartIncluding": "3.5",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-669",
                  "description": "CWE-669 Incorrect Resource Transfer Between Spheres",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-21T04:27:10.814Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.imperva.com/blog/beware-a-threat-actor-could-steal-the-titles-of-your-private-and-draft-wordpress-posts/"
            }
          ],
          "x_generator": {
            "engine": "enrichogram 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-54352",
        "datePublished": "2025-07-21T00:00:00.000Z",
        "dateReserved": "2025-07-21T00:00:00.000Z",
        "dateUpdated": "2025-07-21T18:15:20.785Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-4973 (GCVE-0-2022-4973)

    Vulnerability from nvd – Published: 2024-10-16 06:43 – Updated: 2026-04-08 17:17
    VLAI
    Title
    WordPress Core < 6.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via use of the_meta(); function
    Summary
    WordPress Core, in versions up to 6.0.2, is vulnerable to Authenticated Stored Cross-Site Scripting that can be exploited by users with access to the WordPress post and page editor, typically consisting of Authors, Contributors, and Editors making it possible to inject arbitrary web scripts into posts and pages that execute if the the_meta(); function is called on that page.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    WordPress Foundation WordPress Affected: 0 , ≤ 3.6.1 (semver)
    Affected: 3.7 , ≤ 3.7.38 (semver)
    Affected: 3.8 , ≤ 3.8.38 (semver)
    Affected: 3.9 , ≤ 3.9.36 (semver)
    Affected: 4.0 , ≤ 4.0.35 (semver)
    Affected: 4.1 , ≤ 4.1.35 (semver)
    Affected: 4.2 , ≤ 4.2.32 (semver)
    Affected: 4.3 , ≤ 4.3.28 (semver)
    Affected: 4.4 , ≤ 4.4.27 (semver)
    Affected: 4.5 , ≤ 4.5.26 (semver)
    Affected: 4.6 , ≤ 4.6.23 (semver)
    Affected: 4.7 , ≤ 4.7.23 (semver)
    Affected: 4.8 , ≤ 4.8.19 (semver)
    Affected: 4.9 , ≤ 4.9.20 (semver)
    Affected: 5.0 , ≤ 5.0.16 (semver)
    Affected: 5.1 , ≤ 5.1.13 (semver)
    Affected: 5.2 , ≤ 5.2.15 (semver)
    Affected: 5.3 , ≤ 5.3.12 (semver)
    Affected: 5.4 , ≤ 5.4.10 (semver)
    Affected: 5.5 , ≤ 5.5.9 (semver)
    Affected: 5.6 , ≤ 5.6.8 (semver)
    Affected: 5.7 , ≤ 5.7.6 (semver)
    Affected: 5.8 , ≤ 5.8.4 (semver)
    Affected: 5.9 , ≤ 5.9.3 (semver)
    Affected: 6.0 , ≤ 6.0.1 (semver)
    Create a notification for this product.
    Credits
    John Blackbourn
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-4973",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-16T12:59:16.874933Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-16T12:59:35.321Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WordPress",
              "vendor": "WordPress Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "3.6.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.7.38",
                  "status": "affected",
                  "version": "3.7",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.8.38",
                  "status": "affected",
                  "version": "3.8",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.9.36",
                  "status": "affected",
                  "version": "3.9",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.0.35",
                  "status": "affected",
                  "version": "4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.1.35",
                  "status": "affected",
                  "version": "4.1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.2.32",
                  "status": "affected",
                  "version": "4.2",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.3.28",
                  "status": "affected",
                  "version": "4.3",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.4.27",
                  "status": "affected",
                  "version": "4.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.5.26",
                  "status": "affected",
                  "version": "4.5",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.6.23",
                  "status": "affected",
                  "version": "4.6",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.7.23",
                  "status": "affected",
                  "version": "4.7",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.8.19",
                  "status": "affected",
                  "version": "4.8",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.9.20",
                  "status": "affected",
                  "version": "4.9",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.0.16",
                  "status": "affected",
                  "version": "5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.1.13",
                  "status": "affected",
                  "version": "5.1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.2.15",
                  "status": "affected",
                  "version": "5.2",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.3.12",
                  "status": "affected",
                  "version": "5.3",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.4.10",
                  "status": "affected",
                  "version": "5.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.5.9",
                  "status": "affected",
                  "version": "5.5",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.6.8",
                  "status": "affected",
                  "version": "5.6",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.7.6",
                  "status": "affected",
                  "version": "5.7",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.8.4",
                  "status": "affected",
                  "version": "5.8",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.9.3",
                  "status": "affected",
                  "version": "5.9",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.1",
                  "status": "affected",
                  "version": "6.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "John Blackbourn"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "WordPress Core, in versions up to 6.0.2, is vulnerable to Authenticated Stored Cross-Site Scripting that can be exploited by users with access to the WordPress post and page editor, typically consisting of Authors, Contributors, and Editors making it possible to inject arbitrary web scripts into posts and pages that execute if the the_meta(); function is called on that page."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:17:09.962Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b5582e89-83e6-4898-b9fe-09eddeb5f7ae?source=cve"
            },
            {
              "url": "https://core.trac.wordpress.org/changeset/53961"
            },
            {
              "url": "https://wordpress.org/news/2022/08/wordpress-6-0-2-security-and-maintenance-release/"
            },
            {
              "url": "https://www.wordfence.com/blog/2022/08/wordpress-core-6-0-2-security-maintenance-release-what-you-need-to-know/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2022-08-30T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "WordPress Core \u003c 6.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via use of the_meta(); function"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2022-4973",
        "datePublished": "2024-10-16T06:43:41.734Z",
        "dateReserved": "2024-10-15T18:03:44.130Z",
        "dateUpdated": "2026-04-08T17:17:09.962Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-8914 (GCVE-0-2024-8914)

    Vulnerability from nvd – Published: 2024-09-24 06:40 – Updated: 2026-04-08 17:06
    VLAI
    Title
    Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam <= 2.0.1 - Unauthenticated Stored Cross-Site Scripting
    Summary
    The Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 due to incorrect use of the wp_kses_allowed_html function, which allows the 'onclick' attribute for certain HTML elements without sufficient restriction or context validation. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Credits
    Francesco Carlucci
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8914",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-27T18:07:18.688461Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-27T21:43:06.600Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Thanh To\u00e1n Qu\u00e9t M\u00e3 QR Code T\u1ef1 \u0110\u1ed9ng \u2013 MoMo, ViettelPay, VNPay v\u00e0 40 ng\u00e2n h\u00e0ng Vi\u1ec7t Nam",
              "vendor": "haibasoft",
              "versions": [
                {
                  "lessThanOrEqual": "2.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Francesco Carlucci"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Thanh To\u00e1n Qu\u00e9t M\u00e3 QR Code T\u1ef1 \u0110\u1ed9ng \u2013 MoMo, ViettelPay, VNPay v\u00e0 40 ng\u00e2n h\u00e0ng Vi\u1ec7t Nam plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 due to incorrect use of the wp_kses_allowed_html function, which allows the \u0027onclick\u0027 attribute for certain HTML elements without sufficient restriction or context validation. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:06:29.970Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8ef7c48b-e8f2-40bd-aa48-191059e15453?source=cve"
            },
            {
              "url": "https://wordpress.org/plugins/bck-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang/#developers"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bck-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang/trunk/inc/functions.php#L184"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3349149/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-09-23T18:36:58.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Thanh To\u00e1n Qu\u00e9t M\u00e3 QR Code T\u1ef1 \u0110\u1ed9ng \u2013 MoMo, ViettelPay, VNPay v\u00e0 40 ng\u00e2n h\u00e0ng Vi\u1ec7t Nam \u003c= 2.0.1 - Unauthenticated Stored Cross-Site Scripting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-8914",
        "datePublished": "2024-09-24T06:40:56.964Z",
        "dateReserved": "2024-09-16T21:11:21.471Z",
        "dateUpdated": "2026-04-08T17:06:29.970Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-37233 (GCVE-0-2020-37233)

    Vulnerability from cvelistv5 – Published: 2026-05-16 15:25 – Updated: 2026-05-24 01:36
    VLAI
    Title
    WordPress Plugin Buddypress 6.2.0 Persistent Cross-Site Scripting
    Summary
    WordPress Plugin Buddypress 6.2.0 contains a persistent cross-site scripting vulnerability that allows authenticated attackers with moderator privileges to inject malicious script code through the figure parameter in wp:html blocks. Attackers can inject iframe elements with event handlers like onload that execute when administrators or privileged users preview or view the affected page content, enabling session hijacking and persistent phishing attacks.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Wordpress Buddypress Affected: 6.2.0
    Create a notification for this product.
    Date Public
    2020-11-13 00:00
    Credits
    Vulnerability-Lab
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-37233",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-18T18:10:33.511497Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-18T18:11:08.583Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Buddypress",
              "vendor": "Wordpress",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.0"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:boonebgorges:buddypress_docs:6.2.0:*:*:*:*:*:*:*",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Vulnerability-Lab"
            }
          ],
          "datePublic": "2020-11-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WordPress Plugin Buddypress 6.2.0 contains a persistent cross-site scripting vulnerability that allows authenticated attackers with moderator privileges to inject malicious script code through the figure parameter in wp:html blocks. Attackers can inject iframe elements with event handlers like onload that execute when administrators or privileged users preview or view the affected page content, enabling session hijacking and persistent phishing attacks."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-24T01:36:56.209Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "ExploitDB-49061",
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/49061"
            },
            {
              "name": "Official Product Homepage",
              "tags": [
                "product"
              ],
              "url": "https://wordpress.org/plugins/buddypress/"
            },
            {
              "name": "VulnCheck Advisory: WordPress Plugin Buddypress 6.2.0 Persistent Cross-Site Scripting",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/wordpress-plugin-buddypress-persistent-cross-site-scripting"
            }
          ],
          "title": "WordPress Plugin Buddypress 6.2.0 Persistent Cross-Site Scripting",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2020-37233",
        "datePublished": "2026-05-16T15:25:50.542Z",
        "dateReserved": "2026-05-15T14:10:27.851Z",
        "dateUpdated": "2026-05-24T01:36:56.209Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-54333 (GCVE-0-2023-54333)

    Vulnerability from cvelistv5 – Published: 2026-01-13 22:56 – Updated: 2026-04-07 14:08
    VLAI
    Title
    Social-Share-Buttons 2.2.3 - SQL Injection via project_id Parameter
    Summary
    Social-Share-Buttons 2.2.3 contains a critical SQL injection vulnerability in the project_id parameter that allows attackers to manipulate database queries. Attackers can exploit this vulnerability by sending crafted POST requests with malicious SQL payloads to retrieve and potentially steal entire database contents.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Impacted products
    Date Public
    2023-03-28 00:00
    Credits
    nu11secur1ty
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-54333",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-14T15:45:37.123625Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-14T19:17:36.471Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Social-Share-Buttons",
              "vendor": "Wordpress",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2.3"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:artlosk:social_share_buttons:2.2.3:*:*:*:*:*:*:*",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "nu11secur1ty"
            }
          ],
          "datePublic": "2023-03-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Social-Share-Buttons 2.2.3 contains a critical SQL injection vulnerability in the project_id parameter that allows attackers to manipulate database queries. Attackers can exploit this vulnerability by sending crafted POST requests with malicious SQL payloads to retrieve and potentially steal entire database contents."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:08:21.617Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "ExploitDB-51116",
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/51116"
            },
            {
              "name": "WP Plugin Webpage",
              "tags": [
                "product"
              ],
              "url": "https://supsystic.com/plugins/social-share-plugin/"
            },
            {
              "name": "Vulnerability Research Repository",
              "tags": [
                "technical-description"
              ],
              "url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/WordPress/2022/Social-Share-Buttons-2.2.3"
            },
            {
              "name": "VulnCheck Advisory: Social-Share-Buttons 2.2.3 - SQL Injection via project_id Parameter",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/social-share-buttons-sql-injection-via-projectid-parameter"
            }
          ],
          "title": "Social-Share-Buttons 2.2.3 - SQL Injection via project_id Parameter",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2023-54333",
        "datePublished": "2026-01-13T22:56:45.964Z",
        "dateReserved": "2026-01-10T01:51:52.983Z",
        "dateUpdated": "2026-04-07T14:08:21.617Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-58674 (GCVE-0-2025-58674)

    Vulnerability from cvelistv5 – Published: 2025-09-23 18:47 – Updated: 2026-04-28 16:13 X_Open Source
    VLAI
    Title
    WordPress <= 6.8.2 - (Author+) Cross Site Scripting (XSS) Vulnerability
    Summary
    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordPress allows Stored XSS. WordPress core security team is aware of the issue and working on a fix. This is low severity vulnerability that requires an attacker to have Author or higher user privileges to execute the attack vector.This issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    WordPress WordPress Affected: 6.8 , ≤ 6.8.2 (custom)
    Affected: 6.7 , ≤ 6.7.3 (custom)
    Affected: 6.6 , ≤ 6.6.3 (custom)
    Affected: 6.5 , ≤ 6.5.6 (custom)
    Affected: 6.4 , ≤ 6.4.6 (custom)
    Affected: 6.3 , ≤ 6.3.6 (custom)
    Affected: 6.2 , ≤ 6.2.7 (custom)
    Affected: 6.1 , ≤ 6.1.8 (custom)
    Affected: 6.0 , ≤ 6.0.10 (custom)
    Affected: 5.9 , ≤ 5.9.11 (custom)
    Affected: 5.8 , ≤ 5.8.11 (custom)
    Affected: 5.7 , ≤ 5.7.13 (custom)
    Affected: 5.6 , ≤ 5.6.15 (custom)
    Affected: 5.5 , ≤ 5.5.16 (custom)
    Affected: 5.4 , ≤ 5.4.17 (custom)
    Affected: 5.3 , ≤ 5.3.19 (custom)
    Affected: 5.2 , ≤ 5.2.22 (custom)
    Affected: 5.1 , ≤ 5.1.20 (custom)
    Affected: 5.0 , ≤ 5.0.23 (custom)
    Affected: 4.9 , ≤ 4.9.27 (custom)
    Affected: 4.8 , ≤ 4.8.26 (custom)
    Affected: 4.7 , ≤ 4.7.30 (custom)
    Create a notification for this product.
    Credits
    savphill (Patchstack Bug Bounty Program) John Blackbourn (WordPress core security team lead)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-58674",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-23T19:15:09.886956Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-23T19:17:35.099Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WordPress",
              "repo": "https://github.com/WordPress/WordPress",
              "vendor": "WordPress",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.8.3",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.8.2",
                  "status": "affected",
                  "version": "6.8",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.7.4",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.7.3",
                  "status": "affected",
                  "version": "6.7",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.6.4",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.6.3",
                  "status": "affected",
                  "version": "6.6",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.5.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.5.6",
                  "status": "affected",
                  "version": "6.5",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.4.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.4.6",
                  "status": "affected",
                  "version": "6.4",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.3.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.3.6",
                  "status": "affected",
                  "version": "6.3",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.2.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.2.7",
                  "status": "affected",
                  "version": "6.2",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.1.9",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.1.8",
                  "status": "affected",
                  "version": "6.1",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.0.11",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.0.10",
                  "status": "affected",
                  "version": "6.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.9.12",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.9.11",
                  "status": "affected",
                  "version": "5.9",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.8.12",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.8.11",
                  "status": "affected",
                  "version": "5.8",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.7.14",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.7.13",
                  "status": "affected",
                  "version": "5.7",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.6.16",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.6.15",
                  "status": "affected",
                  "version": "5.6",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.5.17",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.5.16",
                  "status": "affected",
                  "version": "5.5",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.4.18",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.4.17",
                  "status": "affected",
                  "version": "5.4",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.3.20",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.3.19",
                  "status": "affected",
                  "version": "5.3",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.2.23",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.2.22",
                  "status": "affected",
                  "version": "5.2",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.1.21",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.1.20",
                  "status": "affected",
                  "version": "5.1",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.0.24",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.0.23",
                  "status": "affected",
                  "version": "5.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "4.9.28",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.9.27",
                  "status": "affected",
                  "version": "4.9",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "4.8.27",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.8.26",
                  "status": "affected",
                  "version": "4.8",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "4.7.31",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.7.30",
                  "status": "affected",
                  "version": "4.7",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "savphill (Patchstack Bug Bounty Program)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "John Blackbourn (WordPress core security team lead)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eImproper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in WordPress allows Stored XSS. WordPress core security team is aware of the issue and working on a fix. This is low severity vulnerability that requires an attacker to have Author or higher user privileges to execute the attack vector.\u003c/span\u003e\u003cp\u003eThis issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.\u003c/p\u003e"
                }
              ],
              "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in WordPress allows Stored XSS. WordPress core security team is aware of the issue and working on a fix. This is low severity vulnerability that requires an attacker to have Author or higher user privileges to execute the attack vector.This issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-592 Stored XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:13:46.266Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/wordpress/wordpress/wordpress/vulnerability/wordpress-wordpress-wordpress-6-8-2-cross-site-scripting-xss-vulnerability?_s_id=cve"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://wordpress.org/news/2025/09/wordpress-6-8-3-release/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update WordPress to one of the following patched or higher versions: 6.8.3, 6.7.4, 6.6.4, 6.5.7, 6.4.7, 6.3.7, 6.2.8, 6.1.9, 6.0.11, 5.9.12, 5.8.12, 5.7.14, 5.6.16, 5.5.17, 5.4.18, 5.3.20, 5.2.23, 5.1.21, 5.0.24, 4.9.28, 4.8.27, or 4.7.31."
                }
              ],
              "value": "Update WordPress to one of the following patched or higher versions: 6.8.3, 6.7.4, 6.6.4, 6.5.7, 6.4.7, 6.3.7, 6.2.8, 6.1.9, 6.0.11, 5.9.12, 5.8.12, 5.7.14, 5.6.16, 5.5.17, 5.4.18, 5.3.20, 5.2.23, 5.1.21, 5.0.24, 4.9.28, 4.8.27, or 4.7.31."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "tags": [
            "x_open-source"
          ],
          "title": "WordPress \u003c= 6.8.2 - (Author+) Cross Site Scripting (XSS) Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2025-58674",
        "datePublished": "2025-09-23T18:47:02.628Z",
        "dateReserved": "2025-09-03T09:03:46.831Z",
        "dateUpdated": "2026-04-28T16:13:46.266Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-58246 (GCVE-0-2025-58246)

    Vulnerability from cvelistv5 – Published: 2025-09-23 17:17 – Updated: 2026-04-28 16:13 X_Open Source
    VLAI
    Title
    WordPress <= 6.8.2 - (Contributor+) Sensitive Data Exposure Vulnerability
    Summary
    Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to exploit it. This issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-201 - Insertion of Sensitive Information Into Sent Data
    Assigner
    Impacted products
    Vendor Product Version
    WordPress WordPress Affected: 6.8 , ≤ 6.8.2 (custom)
    Affected: 6.7 , ≤ 6.7.3 (custom)
    Affected: 6.6 , ≤ 6.6.3 (custom)
    Affected: 6.5 , ≤ 6.5.6 (custom)
    Affected: 6.4 , ≤ 6.4.6 (custom)
    Affected: 6.3 , ≤ 6.3.6 (custom)
    Affected: 6.2 , ≤ 6.2.7 (custom)
    Affected: 6.1 , ≤ 6.1.8 (custom)
    Affected: 6.0 , ≤ 6.0.10 (custom)
    Affected: 5.9 , ≤ 5.9.11 (custom)
    Affected: 5.8 , ≤ 5.8.11 (custom)
    Affected: 5.7 , ≤ 5.7.13 (custom)
    Affected: 5.6 , ≤ 5.6.15 (custom)
    Affected: 5.5 , ≤ 5.5.16 (custom)
    Affected: 5.4 , ≤ 5.4.17 (custom)
    Affected: 5.3 , ≤ 5.3.19 (custom)
    Affected: 5.2 , ≤ 5.2.22 (custom)
    Affected: 5.1 , ≤ 5.1.20 (custom)
    Affected: 5.0 , ≤ 5.0.23 (custom)
    Affected: 4.9 , ≤ 4.9.27 (custom)
    Affected: 4.8 , ≤ 4.8.26 (custom)
    Affected: 4.7 , ≤ 4.7.30 (custom)
    Create a notification for this product.
    Credits
    Abu Hurayra (Patchstack Bug Bounty Program) John Blackbourn (WordPress core security team lead) Timothy Jacobs Peter Wilson Mike Nelson
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-58246",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-23T18:30:39.501670Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-23T18:37:38.153Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WordPress",
              "repo": "https://github.com/WordPress/WordPress",
              "vendor": "WordPress",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.8.3",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.8.2",
                  "status": "affected",
                  "version": "6.8",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.7.4",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.7.3",
                  "status": "affected",
                  "version": "6.7",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.6.4",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.6.3",
                  "status": "affected",
                  "version": "6.6",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.5.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.5.6",
                  "status": "affected",
                  "version": "6.5",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.4.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.4.6",
                  "status": "affected",
                  "version": "6.4",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.3.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.3.6",
                  "status": "affected",
                  "version": "6.3",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.2.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.2.7",
                  "status": "affected",
                  "version": "6.2",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.1.9",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.1.8",
                  "status": "affected",
                  "version": "6.1",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "6.0.11",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.0.10",
                  "status": "affected",
                  "version": "6.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.9.12",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.9.11",
                  "status": "affected",
                  "version": "5.9",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.8.12",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.8.11",
                  "status": "affected",
                  "version": "5.8",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.7.14",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.7.13",
                  "status": "affected",
                  "version": "5.7",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.6.16",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.6.15",
                  "status": "affected",
                  "version": "5.6",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.5.17",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.5.16",
                  "status": "affected",
                  "version": "5.5",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.4.18",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.4.17",
                  "status": "affected",
                  "version": "5.4",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.3.20",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.3.19",
                  "status": "affected",
                  "version": "5.3",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.2.23",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.2.22",
                  "status": "affected",
                  "version": "5.2",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.1.21",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.1.20",
                  "status": "affected",
                  "version": "5.1",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "5.0.24",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "5.0.23",
                  "status": "affected",
                  "version": "5.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "4.9.28",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.9.27",
                  "status": "affected",
                  "version": "4.9",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "4.8.27",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.8.26",
                  "status": "affected",
                  "version": "4.8",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "4.7.31",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.7.30",
                  "status": "affected",
                  "version": "4.7",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Abu Hurayra (Patchstack Bug Bounty Program)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "John Blackbourn (WordPress core security team lead)"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Timothy Jacobs"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Peter Wilson"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Mike Nelson"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to exploit it.\u003c/span\u003e\u003cbr\u003e\u003cp\u003eThis issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.\u003c/p\u003e"
                }
              ],
              "value": "Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to exploit it.\nThis issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-37",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-201",
                  "description": "CWE-201 Insertion of Sensitive Information Into Sent Data",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:13:42.821Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/wordpress/wordpress/wordpress/vulnerability/wordpress-wordpress-wordpress-6-8-2-sensitive-data-exposure-vulnerability?_s_id=cve"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://wordpress.org/news/2025/09/wordpress-6-8-3-release/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update WordPress to one of the following patched or higher versions: 6.8.3, 6.7.4, 6.6.4, 6.5.7, 6.4.7, 6.3.7, 6.2.8, 6.1.9, 6.0.11, 5.9.12, 5.8.12, 5.7.14, 5.6.16, 5.5.17, 5.4.18, 5.3.20, 5.2.23, 5.1.21, 5.0.24, 4.9.28, 4.8.27, or 4.7.31."
                }
              ],
              "value": "Update WordPress to one of the following patched or higher versions: 6.8.3, 6.7.4, 6.6.4, 6.5.7, 6.4.7, 6.3.7, 6.2.8, 6.1.9, 6.0.11, 5.9.12, 5.8.12, 5.7.14, 5.6.16, 5.5.17, 5.4.18, 5.3.20, 5.2.23, 5.1.21, 5.0.24, 4.9.28, 4.8.27, or 4.7.31."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "tags": [
            "x_open-source"
          ],
          "title": "WordPress \u003c= 6.8.2 - (Contributor+) Sensitive Data Exposure Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2025-58246",
        "datePublished": "2025-09-23T17:17:12.399Z",
        "dateReserved": "2025-08-27T16:19:44.959Z",
        "dateUpdated": "2026-04-28T16:13:42.821Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-54352 (GCVE-0-2025-54352)

    Vulnerability from cvelistv5 – Published: 2025-07-21 00:00 – Updated: 2025-07-21 18:15
    VLAI
    Summary
    WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-669 - Incorrect Resource Transfer Between Spheres
    Assigner
    Impacted products
    Vendor Product Version
    WordPress WordPress Affected: 3.5 , ≤ 6.8.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-54352",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-21T18:14:44.588087Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-21T18:15:20.785Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "WordPress",
              "vendor": "WordPress",
              "versions": [
                {
                  "lessThanOrEqual": "6.8.2",
                  "status": "affected",
                  "version": "3.5",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "6.8.2",
                      "versionStartIncluding": "3.5",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-669",
                  "description": "CWE-669 Incorrect Resource Transfer Between Spheres",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-21T04:27:10.814Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.imperva.com/blog/beware-a-threat-actor-could-steal-the-titles-of-your-private-and-draft-wordpress-posts/"
            }
          ],
          "x_generator": {
            "engine": "enrichogram 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-54352",
        "datePublished": "2025-07-21T00:00:00.000Z",
        "dateReserved": "2025-07-21T00:00:00.000Z",
        "dateUpdated": "2025-07-21T18:15:20.785Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-4973 (GCVE-0-2022-4973)

    Vulnerability from cvelistv5 – Published: 2024-10-16 06:43 – Updated: 2026-04-08 17:17
    VLAI
    Title
    WordPress Core < 6.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via use of the_meta(); function
    Summary
    WordPress Core, in versions up to 6.0.2, is vulnerable to Authenticated Stored Cross-Site Scripting that can be exploited by users with access to the WordPress post and page editor, typically consisting of Authors, Contributors, and Editors making it possible to inject arbitrary web scripts into posts and pages that execute if the the_meta(); function is called on that page.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    WordPress Foundation WordPress Affected: 0 , ≤ 3.6.1 (semver)
    Affected: 3.7 , ≤ 3.7.38 (semver)
    Affected: 3.8 , ≤ 3.8.38 (semver)
    Affected: 3.9 , ≤ 3.9.36 (semver)
    Affected: 4.0 , ≤ 4.0.35 (semver)
    Affected: 4.1 , ≤ 4.1.35 (semver)
    Affected: 4.2 , ≤ 4.2.32 (semver)
    Affected: 4.3 , ≤ 4.3.28 (semver)
    Affected: 4.4 , ≤ 4.4.27 (semver)
    Affected: 4.5 , ≤ 4.5.26 (semver)
    Affected: 4.6 , ≤ 4.6.23 (semver)
    Affected: 4.7 , ≤ 4.7.23 (semver)
    Affected: 4.8 , ≤ 4.8.19 (semver)
    Affected: 4.9 , ≤ 4.9.20 (semver)
    Affected: 5.0 , ≤ 5.0.16 (semver)
    Affected: 5.1 , ≤ 5.1.13 (semver)
    Affected: 5.2 , ≤ 5.2.15 (semver)
    Affected: 5.3 , ≤ 5.3.12 (semver)
    Affected: 5.4 , ≤ 5.4.10 (semver)
    Affected: 5.5 , ≤ 5.5.9 (semver)
    Affected: 5.6 , ≤ 5.6.8 (semver)
    Affected: 5.7 , ≤ 5.7.6 (semver)
    Affected: 5.8 , ≤ 5.8.4 (semver)
    Affected: 5.9 , ≤ 5.9.3 (semver)
    Affected: 6.0 , ≤ 6.0.1 (semver)
    Create a notification for this product.
    Credits
    John Blackbourn
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-4973",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-16T12:59:16.874933Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-16T12:59:35.321Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WordPress",
              "vendor": "WordPress Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "3.6.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.7.38",
                  "status": "affected",
                  "version": "3.7",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.8.38",
                  "status": "affected",
                  "version": "3.8",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.9.36",
                  "status": "affected",
                  "version": "3.9",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.0.35",
                  "status": "affected",
                  "version": "4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.1.35",
                  "status": "affected",
                  "version": "4.1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.2.32",
                  "status": "affected",
                  "version": "4.2",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.3.28",
                  "status": "affected",
                  "version": "4.3",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.4.27",
                  "status": "affected",
                  "version": "4.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.5.26",
                  "status": "affected",
                  "version": "4.5",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.6.23",
                  "status": "affected",
                  "version": "4.6",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.7.23",
                  "status": "affected",
                  "version": "4.7",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.8.19",
                  "status": "affected",
                  "version": "4.8",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.9.20",
                  "status": "affected",
                  "version": "4.9",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.0.16",
                  "status": "affected",
                  "version": "5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.1.13",
                  "status": "affected",
                  "version": "5.1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.2.15",
                  "status": "affected",
                  "version": "5.2",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.3.12",
                  "status": "affected",
                  "version": "5.3",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.4.10",
                  "status": "affected",
                  "version": "5.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.5.9",
                  "status": "affected",
                  "version": "5.5",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.6.8",
                  "status": "affected",
                  "version": "5.6",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.7.6",
                  "status": "affected",
                  "version": "5.7",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.8.4",
                  "status": "affected",
                  "version": "5.8",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.9.3",
                  "status": "affected",
                  "version": "5.9",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.1",
                  "status": "affected",
                  "version": "6.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "John Blackbourn"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "WordPress Core, in versions up to 6.0.2, is vulnerable to Authenticated Stored Cross-Site Scripting that can be exploited by users with access to the WordPress post and page editor, typically consisting of Authors, Contributors, and Editors making it possible to inject arbitrary web scripts into posts and pages that execute if the the_meta(); function is called on that page."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:17:09.962Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b5582e89-83e6-4898-b9fe-09eddeb5f7ae?source=cve"
            },
            {
              "url": "https://core.trac.wordpress.org/changeset/53961"
            },
            {
              "url": "https://wordpress.org/news/2022/08/wordpress-6-0-2-security-and-maintenance-release/"
            },
            {
              "url": "https://www.wordfence.com/blog/2022/08/wordpress-core-6-0-2-security-maintenance-release-what-you-need-to-know/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2022-08-30T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "WordPress Core \u003c 6.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via use of the_meta(); function"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2022-4973",
        "datePublished": "2024-10-16T06:43:41.734Z",
        "dateReserved": "2024-10-15T18:03:44.130Z",
        "dateUpdated": "2026-04-08T17:17:09.962Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-8914 (GCVE-0-2024-8914)

    Vulnerability from cvelistv5 – Published: 2024-09-24 06:40 – Updated: 2026-04-08 17:06
    VLAI
    Title
    Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam <= 2.0.1 - Unauthenticated Stored Cross-Site Scripting
    Summary
    The Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 due to incorrect use of the wp_kses_allowed_html function, which allows the 'onclick' attribute for certain HTML elements without sufficient restriction or context validation. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Credits
    Francesco Carlucci
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8914",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-27T18:07:18.688461Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-27T21:43:06.600Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Thanh To\u00e1n Qu\u00e9t M\u00e3 QR Code T\u1ef1 \u0110\u1ed9ng \u2013 MoMo, ViettelPay, VNPay v\u00e0 40 ng\u00e2n h\u00e0ng Vi\u1ec7t Nam",
              "vendor": "haibasoft",
              "versions": [
                {
                  "lessThanOrEqual": "2.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Francesco Carlucci"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Thanh To\u00e1n Qu\u00e9t M\u00e3 QR Code T\u1ef1 \u0110\u1ed9ng \u2013 MoMo, ViettelPay, VNPay v\u00e0 40 ng\u00e2n h\u00e0ng Vi\u1ec7t Nam plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 due to incorrect use of the wp_kses_allowed_html function, which allows the \u0027onclick\u0027 attribute for certain HTML elements without sufficient restriction or context validation. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:06:29.970Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8ef7c48b-e8f2-40bd-aa48-191059e15453?source=cve"
            },
            {
              "url": "https://wordpress.org/plugins/bck-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang/#developers"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bck-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang/trunk/inc/functions.php#L184"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3349149/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-09-23T18:36:58.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Thanh To\u00e1n Qu\u00e9t M\u00e3 QR Code T\u1ef1 \u0110\u1ed9ng \u2013 MoMo, ViettelPay, VNPay v\u00e0 40 ng\u00e2n h\u00e0ng Vi\u1ec7t Nam \u003c= 2.0.1 - Unauthenticated Stored Cross-Site Scripting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-8914",
        "datePublished": "2024-09-24T06:40:56.964Z",
        "dateReserved": "2024-09-16T21:11:21.471Z",
        "dateUpdated": "2026-04-08T17:06:29.970Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CERTFR-2026-AVI-0260

    Vulnerability from certfr_avis - Published: 2026-03-11 - Updated: 2026-03-11

    De multiples vulnérabilités ont été découvertes dans WordPress. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une falsification de requêtes côté serveur (SSRF).

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    WordPress WordPress WordPress versions antérieures à 6.9.2
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "WordPress versions ant\u00e9rieures \u00e0 6.9.2",
          "product": {
            "name": "WordPress",
            "vendor": {
              "name": "WordPress",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [],
      "initial_release_date": "2026-03-11T00:00:00",
      "last_revision_date": "2026-03-11T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0260",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-03-11T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Injection de code indirecte \u00e0 distance (XSS)"
        },
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        },
        {
          "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans WordPress. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF).",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans WordPress",
      "vendor_advisories": [
        {
          "published_at": "2026-03-10",
          "title": "Bulletin de s\u00e9curit\u00e9 WordPress wordpress-6-9-2",
          "url": "https://wordpress.org/news/2026/03/wordpress-6-9-2-release/"
        }
      ]
    }

    GCVE-1-2025-0041

    Vulnerability from gna-1 – Published: 2025-12-19 14:25 – Updated: 2025-12-19 14:54 Exclusively Hosted Service
    VLAI
    Title
    [online services] Reflected Cross-Site Scripting (XSS) / HTML Injection in Website Hosted in Luxembourg
    Summary
    The vulnerability, in a series (5) of online services in Luxembourg, occurs because a request parameter (e.g., a search or query parameter) is incorporated directly into the server-generated HTML response without proper escaping. As a result, specially crafted input containing HTML tags and attributes can be interpreted by the browser as active markup rather than plain text. An attacker can exploit this behavior by injecting HTML elements with JavaScript-capable event handlers. When the page is rendered and a user interacts with it (for example, through scrolling or other UI actions), the injected JavaScript executes within the security context of the vulnerable website. This is a reflected XSS issue, meaning the malicious payload is not stored server-side but is immediately reflected in the HTTP response to a single request. Successful exploitation requires a victim to follow a malicious link or otherwise load a request crafted by the attacker. Those vulnerabilities originated from a misconfiguration of the online service. **exclusively-hosted-service**
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
    Assigner
    References
    Impacted products
    Credits
    Mikel Hernández Alonso

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "typo3",
              "vendor": "typo3",
              "versions": [
                {
                  "status": "affected"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "wordpress",
              "vendor": "wordpress",
              "versions": [
                {
                  "status": "affected"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Mikel Hern\u00e1ndez Alonso"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe vulnerability, in a series (5) of online services in Luxembourg, occurs because a request parameter (e.g., a search or query parameter) is incorporated directly into the server-generated HTML response without proper escaping. As a result, specially crafted input containing HTML tags and attributes can be interpreted by the browser as active markup rather than plain text.\u003c/p\u003e\n\u003cp\u003eAn attacker can exploit this behavior by injecting HTML elements with JavaScript-capable event handlers. When the page is rendered and a user interacts with it (for example, through scrolling or other UI actions), the injected JavaScript executes within the security context of the vulnerable website.\u003c/p\u003e\n\u003cp\u003eThis is a \u003cstrong\u003ereflected XSS\u003c/strong\u003e issue, meaning the malicious payload is not stored server-side but is immediately reflected in the HTTP response to a single request. Successful exploitation requires a victim to follow a malicious link or otherwise load a request crafted by the attacker.\u003c/p\u003e\u003cp\u003eThose vulnerabilities originated from a misconfiguration of the online service.\u003c/p\u003e**exclusively-hosted-service**"
                }
              ],
              "value": "The vulnerability, in a series (5) of online services in Luxembourg, occurs because a request parameter (e.g., a search or query parameter) is incorporated directly into the server-generated HTML response without proper escaping. As a result, specially crafted input containing HTML tags and attributes can be interpreted by the browser as active markup rather than plain text.\n\n\nAn attacker can exploit this behavior by injecting HTML elements with JavaScript-capable event handlers. When the page is rendered and a user interacts with it (for example, through scrolling or other UI actions), the injected JavaScript executes within the security context of the vulnerable website.\n\n\nThis is a reflected XSS issue, meaning the malicious payload is not stored server-side but is immediately reflected in the HTTP response to a single request. Successful exploitation requires a victim to follow a malicious link or otherwise load a request crafted by the attacker.\n\nThose vulnerabilities originated from a misconfiguration of the online service.\n\n**exclusively-hosted-service**"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctt\u003e\u003c/tt\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003ctt\u003eThe sample url is \u0026lt;SAMPLEURL\u0026gt;.lu/recherche/?recherche=%3Caddress+onscrollsnapchange%3Dwindow%5B%27ev%27%2B%27a%27%2B%28%5B%27l%27%2C%27b%27%2C%27c%27%5D%5B0%5D%29%5D%28window%5B%27a%27%2B%27to%27%2B%28%5B%27b%27%2C%27c%27%2C%27d%27%5D%5B0%5D%29%5D%28%27YWxlcnQob3JpZ2luKQ%3D%3D%27%29%29%3B+style%3Doverflow-y%3Ahidden%3Bscroll-snap-type%3Ax%3E%3Cdiv+style%3Dscroll-snap-align%3Acenter%3E1337%3C%2Fdiv%3E%3C%2Faddress%3E\u003cbr\u003e\u003c/tt\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
                }
              ],
              "value": "The sample url is \u003cSAMPLEURL\u003e.lu/recherche/?recherche=%3Caddress+onscrollsnapchange%3Dwindow%5B%27ev%27%2B%27a%27%2B%28%5B%27l%27%2C%27b%27%2C%27c%27%5D%5B0%5D%29%5D%28window%5B%27a%27%2B%27to%27%2B%28%5B%27b%27%2C%27c%27%2C%27d%27%5D%5B0%5D%29%5D%28%27YWxlcnQob3JpZ2luKQ%3D%3D%27%29%29%3B+style%3Doverflow-y%3Ahidden%3Bscroll-snap-type%3Ax%3E%3Cdiv+style%3Dscroll-snap-align%3Acenter%3E1337%3C%2Fdiv%3E%3C%2Faddress%3E"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-244",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-244 XSS Targeting URI Placeholders"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "orgId": "00000000-0000-4000-9000-000000000000"
          },
          "references": [
            {
              "tags": [
                "technical-description"
              ],
              "url": "https://owasp.org/Top10/2025/A02_2025-Security_Misconfiguration/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "tags": [
            "exclusively-hosted-service"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-10-07T22:00:00.000Z",
              "value": "Initial reporting"
            }
          ],
          "title": "[online services] Reflected Cross-Site Scripting (XSS) / HTML Injection in Website Hosted in Luxembourg",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "00000000-0000-4000-9000-000000000000",
        "datePublished": "2025-12-19T14:25:00.000Z",
        "dateUpdated": "2025-12-19T14:54:51.594645Z",
        "requesterUserId": "00000000-0000-4000-9000-000000000000",
        "serial": 1,
        "state": "PUBLISHED",
        "vulnId": "gcve-1-2025-0041",
        "vulnerabilitylookup_history": [
          [
            "alexandre.dulaunoy@circl.lu",
            "2025-12-19T14:25:11.812890Z"
          ],
          [
            "alexandre.dulaunoy@circl.lu",
            "2025-12-19T14:30:14.448194Z"
          ],
          [
            "alexandre.dulaunoy@circl.lu",
            "2025-12-19T14:30:45.864429Z"
          ],
          [
            "alexandre.dulaunoy@circl.lu",
            "2025-12-19T14:41:48.015387Z"
          ],
          [
            "alexandre.dulaunoy@circl.lu",
            "2025-12-19T14:42:18.937137Z"
          ],
          [
            "alexandre.dulaunoy@circl.lu",
            "2025-12-19T14:43:23.523252Z"
          ],
          [
            "alexandre.dulaunoy@circl.lu",
            "2025-12-19T14:50:30.687423Z"
          ],
          [
            "alexandre.dulaunoy@circl.lu",
            "2025-12-19T14:54:51.594645Z"
          ]
        ]
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    VAR-200803-0016

    Vulnerability from variot - Updated: 2024-07-23 22:01

    CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers to spoof secure websites via data in a 502 Bad Gateway error. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. An attacker could exploit this issue to harvest potentially sensitive information; other attacks are also possible. NOTE: This vulnerability was previously covered in BID 28290 (Apple Safari Prior to 3.1 Multiple Security Vulnerabilities), but has been given its own record to better document the issue. Safari is the WEB browser bundled with the Apple family operating system by default.


    Bist Du interessiert an einem neuen Job in IT-Sicherheit?

    Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/


    TITLE: phpPgAds XML-RPC PHP Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA15884

    VERIFY ADVISORY: http://secunia.com/advisories/15884/

    CRITICAL: Highly critical

    IMPACT: System access

    WHERE:

    From remote

    SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/

    DESCRIPTION: A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system.

    For more information: SA15852

    SOLUTION: Update to version 2.0.5. http://sourceforge.net/project/showfiles.php?group_id=36679

    OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200803-0016",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.4.11"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.4.11"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "drupal",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pear xml rpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpxmlrpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postnuke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "serendipity",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wordpress",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xoops",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpmyfaq",
            "version": null
          },
          {
            "model": "safari",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "version"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.4"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.4"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.3.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.2.3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.2.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.2.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.8"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.7"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.6"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.5"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.8"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.7"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.6"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.5"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.1.5"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.1.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.1.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.1.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.1.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.0"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.4"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.3"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.2"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.1"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.4"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.3"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.2"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0.2"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "safari",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "ipod touch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "model": "iphone",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "BID",
            "id": "28356"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001198"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200803-265"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0050"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-0050"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Robert Swiecki robert@swiecki.netAdam BarthCollin Jackson collinj@cs.stanford.eduEric SeidelTavis Ormandy taviso@gentoo.orgWill Drewry wad@google.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200803-265"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-0050",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2008-0050",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-30175",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2008-0050",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#442845",
                "trust": 0.8,
                "value": "20.75"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200803-265",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-30175",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-30175"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001198"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200803-265"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0050"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers to spoof secure websites via data in a 502 Bad Gateway error. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. \nAn attacker could exploit this issue to harvest potentially sensitive information; other attacks are also possible. \nNOTE: This vulnerability was previously covered in BID 28290 (Apple Safari Prior to 3.1 Multiple Security Vulnerabilities), but has been given its own record to better document the issue. Safari is the WEB browser bundled with the Apple family operating system by default. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nphpPgAds XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15884\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15884/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nphpPgAds 2.x\nhttp://secunia.com/product/4577/\n\nDESCRIPTION:\nA vulnerability has been reported in phpPgAds, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 2.0.5. \nhttp://sourceforge.net/project/showfiles.php?group_id=36679\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-0050"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001198"
          },
          {
            "db": "BID",
            "id": "28356"
          },
          {
            "db": "VULHUB",
            "id": "VHN-30175"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "28356",
            "trust": 2.8
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0050",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "29420",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1019655",
            "trust": 2.5
          },
          {
            "db": "USCERT",
            "id": "TA08-079A",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "31074",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2094",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-0920",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-0924",
            "trust": 1.7
          },
          {
            "db": "BID",
            "id": "28290",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "15884",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "15810",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15922",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15852",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15855",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15861",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15862",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15872",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15883",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15895",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14088",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014327",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA08-079A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001198",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200803-265",
            "trust": 0.7
          },
          {
            "db": "CERT/CC",
            "id": "TA08-079A",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-03-18",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-07-11",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "502",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "41313",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-30175",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "38390",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-30175"
          },
          {
            "db": "BID",
            "id": "28356"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001198"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200803-265"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0050"
          }
        ]
      },
      "id": "VAR-200803-0016",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-30175"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-07-23T22:01:55.420000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Update 2008-002",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht1249?viewlocale=en_us"
          },
          {
            "title": "iPhone v2.0 and iPod touch v2.0",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht2351"
          },
          {
            "title": "Safari 3.1",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht1315"
          },
          {
            "title": "Safari 3.1",
            "trust": 0.8,
            "url": "http://docs.info.apple.com/article.html?artnum=307563-ja"
          },
          {
            "title": "Security Update 2008-002",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht1249?viewlocale=ja_jp"
          },
          {
            "title": "iPhone v2.0 and iPod touch v2.0",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht2351?viewlocale=ja_jp\u0026locale=ja_jp"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001198"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-30175"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001198"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0050"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/28356"
          },
          {
            "trust": 2.5,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-079a.html"
          },
          {
            "trust": 2.5,
            "url": "http://www.securitytracker.com/id?1019655"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/29420"
          },
          {
            "trust": 2.0,
            "url": "http://docs.info.apple.com/article.html?artnum=307562"
          },
          {
            "trust": 2.0,
            "url": "http://docs.info.apple.com/article.html?artnum=307563"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2008//jul/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/28290"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/31074"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/0920/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/0924/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2094/references"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41313"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15884/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15852/"
          },
          {
            "trust": 0.8,
            "url": "http://www.hardened-php.net/advisory-022005.php"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15861/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15862/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15895/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15883/"
          },
          {
            "trust": 0.8,
            "url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15855/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15810/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15872/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15922/"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14088"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0050"
          },
          {
            "trust": 0.8,
            "url": "http://www.frsirt.com/english/advisories/2008/0920"
          },
          {
            "trust": 0.8,
            "url": "http://www.frsirt.com/english/advisories/2008/0924"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta08-079a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta08-079a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0050"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa08-079a.html"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/41313"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/2094/references"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/0924/references"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/0920/references"
          },
          {
            "trust": 0.3,
            "url": "http://www.apple.com/safari/download/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4577/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_vacancies/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=36679"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-30175"
          },
          {
            "db": "BID",
            "id": "28356"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001198"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200803-265"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0050"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-30175"
          },
          {
            "db": "BID",
            "id": "28356"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001198"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200803-265"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0050"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2005-07-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2008-03-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-30175"
          },
          {
            "date": "2008-03-18T00:00:00",
            "db": "BID",
            "id": "28356"
          },
          {
            "date": "2008-04-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001198"
          },
          {
            "date": "2005-07-01T23:31:00",
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "date": "2008-03-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200803-265"
          },
          {
            "date": "2008-03-18T22:44:00",
            "db": "NVD",
            "id": "CVE-2008-0050"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2007-03-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2017-08-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-30175"
          },
          {
            "date": "2015-05-07T18:20:00",
            "db": "BID",
            "id": "28356"
          },
          {
            "date": "2008-07-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001198"
          },
          {
            "date": "2008-10-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200803-265"
          },
          {
            "date": "2017-08-08T01:29:19.883000",
            "db": "NVD",
            "id": "CVE-2008-0050"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200803-265"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple PHP XML-RPC implementations vulnerable to code injection",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200803-265"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201304-0375

    Vulnerability from variot - Updated: 2024-07-23 22:01

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the sun.awt.image.ImageRepresentation.setICMpixels' native function. The issue lies in the handling of the scanlineStride argument, which is not properly validated before being used. By manipulating the function's arguments an attacker can force an integer overflow to occur before indexing into an array. An attacker can leverage this vulnerability to execute code under the context of the current process. Oracle Java SE is prone to an integer-overflow vulnerability in Java Runtime Environment. This vulnerability affects the following supported versions: 7 Update 17 , 6 Update 43 , 5.0 Update 41. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03898880

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c03898880 Version: 1

    HPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2013-08-19 Last Updated: 2013-08-16

    Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java5 Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v5.0.28 and earlier

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2013-0401 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1491 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1500 (AV:L/AC:L/Au:N/C:P/I:P/A:N) 3.6 CVE-2013-1518 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1537 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1557 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1569 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1571 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2013-2383 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2384 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2394 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-2417 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-2419 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-2420 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2424 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2429 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-2430 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-2432 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2433 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2013-2439 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2013-2444 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-2445 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2013-2446 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2447 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2448 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-2450 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-2452 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2454 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2013-2455 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2456 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2457 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-2459 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2463 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2464 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2465 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2469 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2470 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2471 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2472 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2473 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-3743 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

    RESOLUTION

    HP has provided the following Java version upgrade to resolve these vulnerabilities.

    The upgrade is available from the following location http://www.hp.com/go/java HP-UX Version HPJava Version

    B.11.11, B.11.23, B.11.31 JDK / JRE v5.0.29 or subsequent

    MANUAL ACTIONS: Yes - Update For Java v5.0 update to Java v5.0.29 or subsequent

    PRODUCT SPECIFIC INFORMATION

    HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa

    The following text is for use by the HP-UX Software Assistant.

    AFFECTED VERSIONS

    HP-UX B.11.23 HP-UX B.11.31 =========== Jdk15.JDK15-COM Jdk15.JDK15-DEMO Jdk15.JDK15-IPF32 Jdk15.JDK15-IPF64 Jre15.JRE15-COM Jre15.JRE15-COM-DOC Jre15.JRE15-IPF32 Jre15.JRE15-IPF32-HS Jre15.JRE15-IPF64 Jre15.JRE15-IPF64-HS action: install revision 1.5.0.29.00 or subsequent

    HP-UX B.11.11 HP-UX B.11.23 =========== Jdk15.JDK15-COM Jdk15.JDK15-DEMO Jdk15.JDK15-PA20 Jdk15.JDK15-PA20W Jre15.JRE15-COM Jre15.JRE15-COM-DOC Jre15.JRE15-PA20 Jre15.JRE15-PA20-HS Jre15.JRE15-PA20W Jre15.JRE15-PA20W-HS action: install revision 1.5.0.29.00 or subsequent

    END AFFECTED VERSIONS

    HISTORY Version:1 (rev.1) - 19 August 2013 Initial release

    Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com

    Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

    Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/

    Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.

    3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX

    Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. ========================================================================== Ubuntu Security Notice USN-1806-1 April 23, 2013

    openjdk-7 vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 12.10

    Summary:

    Several security issues were fixed in OpenJDK 7.

    Software Description: - openjdk-7: Open Source Java implementation

    Details:

    Ben Murphy discovered a vulnerability in the OpenJDK JRE related to information disclosure and data integrity. (CVE-2013-0401)

    James Forshaw discovered a vulnerability in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2013-1518, CVE-2013-1537, CVE-2013-1557, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2426, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2436)

    Two vulnerabilities were discovered in the OpenJDK JRE related to confidentiality. An attacker could exploit these to expose sensitive data over the network. (CVE-2013-2415, CVE-2013-2424)

    Two vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial of service. (CVE-2013-2417, CVE-2013-2419)

    A vulnerability was discovered in the OpenJDK JRE related to data integrity. (CVE-2013-2423)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 12.10: icedtea-7-jre-jamvm 7u21-2.3.9-0ubuntu0.12.10.1 openjdk-7-jre 7u21-2.3.9-0ubuntu0.12.10.1 openjdk-7-jre-headless 7u21-2.3.9-0ubuntu0.12.10.1 openjdk-7-jre-lib 7u21-2.3.9-0ubuntu0.12.10.1 openjdk-7-jre-zero 7u21-2.3.9-0ubuntu0.12.10.1

    This update uses a new upstream release, which includes additional bug fixes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201406-32


                                            http://security.gentoo.org/
    

    Severity: High Title: IcedTea JDK: Multiple vulnerabilities Date: June 29, 2014 Bugs: #312297, #330205, #340819, #346799, #352035, #353418, #354231, #355127, #370787, #387637, #404095, #421031, #429522, #433389, #438750, #442478, #457206, #458410, #461714, #466822, #477210, #489570, #508270 ID: 201406-32


    Synopsis

    Multiple vulnerabilities have been found in the IcedTea JDK, the worst of which could lead to arbitrary code execution.

    Background

    IcedTea is a distribution of the Java OpenJDK source code built with free build tools.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 dev-java/icedtea-bin < 6.1.13.3 >= 6.1.13.3

    Description

    Multiple vulnerabilities have been discovered in the IcedTea JDK. Please review the CVE identifiers referenced below for details.

    Impact

    A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, bypass intended security policies, or have other unspecified impact.

    Workaround

    There is no known workaround at this time.

    Resolution

    All IcedTea JDK users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/icedtea-bin-6.1.13.3"

    References

    [ 1 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 2 ] CVE-2010-2548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548 [ 3 ] CVE-2010-2783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783 [ 4 ] CVE-2010-3541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541 [ 5 ] CVE-2010-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548 [ 6 ] CVE-2010-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549 [ 7 ] CVE-2010-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551 [ 8 ] CVE-2010-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553 [ 9 ] CVE-2010-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554 [ 10 ] CVE-2010-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557 [ 11 ] CVE-2010-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561 [ 12 ] CVE-2010-3562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562 [ 13 ] CVE-2010-3564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564 [ 14 ] CVE-2010-3565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565 [ 15 ] CVE-2010-3566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566 [ 16 ] CVE-2010-3567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567 [ 17 ] CVE-2010-3568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568 [ 18 ] CVE-2010-3569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569 [ 19 ] CVE-2010-3573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573 [ 20 ] CVE-2010-3574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574 [ 21 ] CVE-2010-3860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860 [ 22 ] CVE-2010-4351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351 [ 23 ] CVE-2010-4448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448 [ 24 ] CVE-2010-4450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450 [ 25 ] CVE-2010-4465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465 [ 26 ] CVE-2010-4467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467 [ 27 ] CVE-2010-4469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469 [ 28 ] CVE-2010-4470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470 [ 29 ] CVE-2010-4471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471 [ 30 ] CVE-2010-4472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472 [ 31 ] CVE-2010-4476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476 [ 32 ] CVE-2011-0025 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025 [ 33 ] CVE-2011-0706 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706 [ 34 ] CVE-2011-0815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815 [ 35 ] CVE-2011-0822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822 [ 36 ] CVE-2011-0862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862 [ 37 ] CVE-2011-0864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864 [ 38 ] CVE-2011-0865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865 [ 39 ] CVE-2011-0868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868 [ 40 ] CVE-2011-0869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869 [ 41 ] CVE-2011-0870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870 [ 42 ] CVE-2011-0871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871 [ 43 ] CVE-2011-0872 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872 [ 44 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 45 ] CVE-2011-3521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521 [ 46 ] CVE-2011-3544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544 [ 47 ] CVE-2011-3547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547 [ 48 ] CVE-2011-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548 [ 49 ] CVE-2011-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551 [ 50 ] CVE-2011-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552 [ 51 ] CVE-2011-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553 [ 52 ] CVE-2011-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554 [ 53 ] CVE-2011-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556 [ 54 ] CVE-2011-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557 [ 55 ] CVE-2011-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558 [ 56 ] CVE-2011-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560 [ 57 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 58 ] CVE-2011-3571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571 [ 59 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 60 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 61 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 62 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 63 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 64 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 65 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 66 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 67 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 68 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 69 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 70 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 71 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 72 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 73 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 74 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 75 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 76 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 77 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 78 ] CVE-2012-3422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422 [ 79 ] CVE-2012-3423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423 [ 80 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 81 ] CVE-2012-4540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540 [ 82 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 83 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 84 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 85 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 86 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 87 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 88 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 89 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 90 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 91 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 92 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 93 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 94 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 95 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 96 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 97 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 98 ] CVE-2012-5979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979 [ 99 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 100 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 101 ] CVE-2013-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424 [ 102 ] CVE-2013-0425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425 [ 103 ] CVE-2013-0426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426 [ 104 ] CVE-2013-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427 [ 105 ] CVE-2013-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428 [ 106 ] CVE-2013-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429 [ 107 ] CVE-2013-0431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431 [ 108 ] CVE-2013-0432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432 [ 109 ] CVE-2013-0433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433 [ 110 ] CVE-2013-0434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434 [ 111 ] CVE-2013-0435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435 [ 112 ] CVE-2013-0440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440 [ 113 ] CVE-2013-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441 [ 114 ] CVE-2013-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442 [ 115 ] CVE-2013-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443 [ 116 ] CVE-2013-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444 [ 117 ] CVE-2013-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450 [ 118 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 119 ] CVE-2013-1475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475 [ 120 ] CVE-2013-1476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476 [ 121 ] CVE-2013-1478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478 [ 122 ] CVE-2013-1480 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480 [ 123 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 124 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 125 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 126 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 127 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 128 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 129 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 130 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 131 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 132 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 133 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 134 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 135 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 136 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 137 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 138 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 139 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 140 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 141 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 142 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 143 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 144 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 145 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 146 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 147 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 148 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 149 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 150 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 151 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 152 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 153 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 154 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 155 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 156 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 157 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 158 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 159 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 160 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 161 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 162 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 163 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 164 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 165 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 166 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 167 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 168 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 169 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 170 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 171 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 172 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 173 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 174 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 175 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 176 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 177 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 178 ] CVE-2013-4002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002 [ 179 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 180 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 181 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 182 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 183 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 184 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 185 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 186 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 187 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 188 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 189 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 190 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 191 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 192 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 193 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 194 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 195 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 196 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 197 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 198 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 199 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 200 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 201 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 202 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 203 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 204 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 205 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 206 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 207 ] CVE-2013-6629 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629 [ 208 ] CVE-2013-6954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954 [ 209 ] CVE-2014-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429 [ 210 ] CVE-2014-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446 [ 211 ] CVE-2014-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451 [ 212 ] CVE-2014-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452 [ 213 ] CVE-2014-0453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453 [ 214 ] CVE-2014-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456 [ 215 ] CVE-2014-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457 [ 216 ] CVE-2014-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458 [ 217 ] CVE-2014-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459 [ 218 ] CVE-2014-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460 [ 219 ] CVE-2014-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461 [ 220 ] CVE-2014-1876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876 [ 221 ] CVE-2014-2397 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397 [ 222 ] CVE-2014-2398 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398 [ 223 ] CVE-2014-2403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403 [ 224 ] CVE-2014-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412 [ 225 ] CVE-2014-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414 [ 226 ] CVE-2014-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421 [ 227 ] CVE-2014-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423 [ 228 ] CVE-2014-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201406-32.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: RHSA-2013:0752-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0752.html Issue date: 2013-04-17 CVE Names: CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2436 =====================================================================

    1. Summary:

    Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5.

    The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

    1. Description:

    These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit.

    Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384)

    Multiple improper permission check issues were discovered in the Beans, Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-1558, CVE-2013-2422, CVE-2013-2436, CVE-2013-1518, CVE-2013-1557)

    The previous default value of the java.rmi.server.useCodebaseOnly property permitted the RMI implementation to automatically load classes from remotely specified locations. (CVE-2013-1537)

    Note: The fix for CVE-2013-1537 changes the default value of the property to true, restricting class loading to the local CLASSPATH and locations specified in the java.rmi.server.codebase property. Refer to Red Hat Bugzilla bug 952387 for additional details.

    The 2D component did not properly process certain images. An untrusted Java application or applet could possibly use this flaw to trigger Java Virtual Machine memory corruption. (CVE-2013-2420)

    It was discovered that the Hotspot component did not properly handle certain intrinsic frames, and did not correctly perform access checks and MethodHandle lookups. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-2431, CVE-2013-2421, CVE-2013-2423)

    It was discovered that JPEGImageReader and JPEGImageWriter in the ImageIO component did not protect against modification of their state while performing certain native code operations. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-2429, CVE-2013-2430)

    The JDBC driver manager could incorrectly call the toString() method in JDBC drivers, and the ConcurrentHashMap class could incorrectly call the defaultReadObject() method. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2013-1488, CVE-2013-2426)

    The sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2013-0401)

    Flaws were discovered in the Network component's InetAddress serialization, and the 2D component's font handling. An untrusted Java application or applet could possibly use these flaws to crash the Java Virtual Machine. (CVE-2013-2417, CVE-2013-2419)

    The MBeanInstantiator class implementation in the OpenJDK JMX component did not properly check class access before creating new instances. An untrusted Java application or applet could use this flaw to create instances of non-public classes. (CVE-2013-2424)

    It was discovered that JAX-WS could possibly create temporary files with insecure permissions. A local attacker could use this flaw to access temporary files created by an application using JAX-WS. (CVE-2013-2415)

    This erratum also upgrades the OpenJDK package to IcedTea7 2.3.9. Refer to the NEWS file, linked to in the References, for further information.

    All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.

    1. Solution:

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

    1. Bugs fixed (http://bugzilla.redhat.com/):

    920245 - CVE-2013-0401 OpenJDK: unspecified sandbox bypass (CanSecWest 2013, AWT) 920247 - CVE-2013-1488 OpenJDK: unspecified sanbox bypass (CanSecWest 2013, Libraries) 952387 - CVE-2013-1537 OpenJDK: remote code loading enabled by default (RMI, 8001040) 952389 - CVE-2013-2415 OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542) 952398 - CVE-2013-2423 OpenJDK: incorrect setter access checks in MethodHandles (Hostspot, 8009677) 952509 - CVE-2013-2424 OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435) 952521 - CVE-2013-2429 OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918) 952524 - CVE-2013-2430 OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667) 952550 - CVE-2013-2436 OpenJDK: Wrapper.convert insufficient type checks (Libraries, 8009049) 952638 - CVE-2013-2420 OpenJDK: image processing vulnerability (2D, 8007617) 952640 - CVE-2013-1558 OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507) 952642 - CVE-2013-2422 OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857) 952645 - CVE-2013-2431 OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336) 952646 - CVE-2013-1518 OpenJDK: JAXP missing security restrictions (JAXP, 6657673) 952648 - CVE-2013-1557 OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329) 952649 - CVE-2013-2421 OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699) 952653 - CVE-2013-2426 OpenJDK: ConcurrentHashMap incorrectly calls defaultReadObject() method (Libraries, 8009063) 952656 - CVE-2013-2419 OpenJDK: font processing errors (2D, 8001031) 952657 - CVE-2013-2417 OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724) 952708 - CVE-2013-2383 OpenJDK: font layout and glyph table errors (2D, 8004986) 952709 - CVE-2013-2384 OpenJDK: font layout and glyph table errors (2D, 8004987) 952711 - CVE-2013-1569 OpenJDK: font layout and glyph table errors (2D, 8004994)

    1. Package List:

    Red Hat Enterprise Linux Desktop (v. 5 client):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el5_9.src.rpm

    i386: java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el5_9.i386.rpm java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el5_9.i386.rpm java-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el5_9.i386.rpm java-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el5_9.i386.rpm java-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el5_9.i386.rpm java-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el5_9.i386.rpm

    x86_64: java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm java-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm

    Red Hat Enterprise Linux (v. 5 server):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el5_9.src.rpm

    i386: java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el5_9.i386.rpm java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el5_9.i386.rpm java-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el5_9.i386.rpm java-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el5_9.i386.rpm java-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el5_9.i386.rpm java-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el5_9.i386.rpm

    x86_64: java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm java-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2013-0401.html https://www.redhat.com/security/data/cve/CVE-2013-1488.html https://www.redhat.com/security/data/cve/CVE-2013-1518.html https://www.redhat.com/security/data/cve/CVE-2013-1537.html https://www.redhat.com/security/data/cve/CVE-2013-1557.html https://www.redhat.com/security/data/cve/CVE-2013-1558.html https://www.redhat.com/security/data/cve/CVE-2013-1569.html https://www.redhat.com/security/data/cve/CVE-2013-2383.html https://www.redhat.com/security/data/cve/CVE-2013-2384.html https://www.redhat.com/security/data/cve/CVE-2013-2415.html https://www.redhat.com/security/data/cve/CVE-2013-2417.html https://www.redhat.com/security/data/cve/CVE-2013-2419.html https://www.redhat.com/security/data/cve/CVE-2013-2420.html https://www.redhat.com/security/data/cve/CVE-2013-2421.html https://www.redhat.com/security/data/cve/CVE-2013-2422.html https://www.redhat.com/security/data/cve/CVE-2013-2423.html https://www.redhat.com/security/data/cve/CVE-2013-2424.html https://www.redhat.com/security/data/cve/CVE-2013-2426.html https://www.redhat.com/security/data/cve/CVE-2013-2429.html https://www.redhat.com/security/data/cve/CVE-2013-2430.html https://www.redhat.com/security/data/cve/CVE-2013-2431.html https://www.redhat.com/security/data/cve/CVE-2013-2436.html https://access.redhat.com/security/updates/classification/#important http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.9/NEWS

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFRbvJKXlSAg2UNWIIRAqUrAJ9Z/4p4Hfhem2IW/HyrENsM6alnkACeJrNj u7V5CaCh5MYZ84AllqEIm+E= =pvGZ -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/en/support/security/advisories/

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)

    iD8DBQFRcSLkmqjQ0CJFipgRAsEgAJ4gHSUUcP7uDS3JIxzQZxnCLwXe1QCfTQXq o4NG1rmFdAUfR4q/O/aHdtM= =EXuM -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201304-0375",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "jre",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "model": "jre",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.5.0"
          },
          {
            "model": "jre",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.5.0"
          },
          {
            "model": "jre",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "model": "jre",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "1.6.0"
          },
          {
            "model": "jdk",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.6.0"
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.6.0"
          },
          {
            "model": "jdk",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.5.0"
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.5.0"
          },
          {
            "model": "jre",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "1.6.0"
          },
          {
            "model": "jre",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.6.0"
          },
          {
            "model": "jre",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.6.0"
          },
          {
            "model": "jdk",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "model": "jre 1.6.0 03",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 17",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.7.0 8",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 30",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 32",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 39",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 15",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 1.5.0 17",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 01",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 1.6.0 18",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 35",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 16",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 22",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 1.6.0 28",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 14",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.6.0 21",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 20",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 32",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.6.0 38",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 25",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.6.0 43",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 07",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.6.0 35",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 31",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 18",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 27",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 06",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.6.0 19",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0 23",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.7.0 10",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 18",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.6.0 03",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 17",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.6.0 39",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.7.0 2",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 10",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 1.7.0 8",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.7.0 2",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 20",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 12",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.7.0 13",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 14",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.7.0 12",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 04",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.5.0 36",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.7.0 10",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 04",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 1.6.0 25",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 35",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 41",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 32",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0 36",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 38",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.6.0 37",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 11",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 27",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 38",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.7.0 11",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 14",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 15",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 30",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 16",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.5.0 25",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 04",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 12",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.5.0 26",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0 33",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.7.0 7",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.7"
          },
          {
            "model": "jre 03",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 1.6.0 02",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.6.0 23",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 01",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.7.0 4",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 28",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.7.0 9",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 06",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.6.0 19",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.7.0 9",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.7.0 13",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 38",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 15",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 22",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 07",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 1.7.0 11",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 20",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 43",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 29",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 28",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.6.0 23",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 39",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 11",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 35",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 17",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 1.5.0 23",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 14",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 13",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.7.0 7",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.6.0 32",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.6.0 02",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 27",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0 13",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 10",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 28",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.7.0 4",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 01",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.6.0 26",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 30",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 33",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 26",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 21",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 24",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 25",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 06",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 1.5.0 27",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 22",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 11",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 18",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 10",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.7"
          },
          {
            "model": "jdk 1.5.0 26",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 22",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.6.0 24",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 29",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.7.0 17",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 31",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0 30",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 15",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 13",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk .0 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.6.0 39",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 0 10",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 1.5.0 13",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0 24",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "java runtime",
            "scope": null,
            "trust": 0.7,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0.0 11",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0.0 09",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 11-b03",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.5.0 12",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.7.0 17",
            "scope": null,
            "trust": 0.6,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk .0 04",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 01-b06",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 1.5.0 41",
            "scope": null,
            "trust": 0.6,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk .0 03",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.5.0.0 08",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.7.0 12",
            "scope": null,
            "trust": 0.6,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0.0 09",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0.0 07",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 01",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 07-b03",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 06",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 1.5.0.0 08",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 20",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0.0 12",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "cosminexus developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "5.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "11.10"
          },
          {
            "model": "one-x client enablement service sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.1"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6)5.5"
          },
          {
            "model": "trio tview software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "3.27.0"
          },
          {
            "model": "cms r15",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "intelligent operations center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.2"
          },
          {
            "model": "one-x client enablement service sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.3"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.2"
          },
          {
            "model": "tivoli provisioning manager for software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.1.3"
          },
          {
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7"
          },
          {
            "model": "jdk 01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.1"
          },
          {
            "model": "maximo asset management essentials",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "model": "cms r16.3",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.11"
          },
          {
            "model": "websphere cast iron cloud integration virtual applianc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "model": "java se",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "model": "trio tview software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "3.29.0"
          },
          {
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1"
          },
          {
            "model": "ucosminexus application server enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "02-00"
          },
          {
            "model": "virtualization engine ts7700",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.31.0.89"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8.1"
          },
          {
            "model": "ucosminexus application server standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.3"
          },
          {
            "model": "cosminexus server web edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "4"
          },
          {
            "model": "linux enterprise software development kit sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "ucosminexus application server express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "09-70"
          },
          {
            "model": "websphere cast iron cloud integration studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "lotus notes fix pack",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.35"
          },
          {
            "model": "tivoli composite application manager for transactions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.1"
          },
          {
            "model": "lotus domino fix pack",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.35"
          },
          {
            "model": "aura system platform sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.6"
          },
          {
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5)5.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.2"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.6"
          },
          {
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.10"
          },
          {
            "model": "linux enterprise server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "tivoli composite application manager for transactions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0"
          },
          {
            "model": "intelligent operations center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.1"
          },
          {
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1"
          },
          {
            "model": "tivoli endpoint manager for remote control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2.1"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "model": "ucosminexus operator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "linux enterprise server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1.2"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1.5"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.10"
          },
          {
            "model": "aura application server sip core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "53002.0"
          },
          {
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.3.0.3"
          },
          {
            "model": "ip office application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "8.0"
          },
          {
            "model": "tivoli monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.1"
          },
          {
            "model": "one-x client enablement service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "websphere cast iron cloud integration physical applian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.1"
          },
          {
            "model": "one-x client enablement service sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "tivoli composite application manager for transactions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0"
          },
          {
            "model": "cosminexus developer light",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "6"
          },
          {
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.4"
          },
          {
            "model": "tivoli system automation for multiplatforms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.2"
          },
          {
            "model": "aura messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "model": "tivoli system automation for integrated operations management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.4"
          },
          {
            "model": "cosminexus studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "4.0"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "model": "cosminexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "8.0"
          },
          {
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "model": "websphere operational decision management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0.0"
          },
          {
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "rational host on-demand",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.0.7"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "model": "enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "java sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "model": "aura messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.3"
          },
          {
            "model": "tivoli application dependency discovery manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1.5"
          },
          {
            "model": "ucosminexus developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "010"
          },
          {
            "model": "enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.0.1"
          },
          {
            "model": "rational host on-demand",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.0.8"
          },
          {
            "model": "ucosminexus service architect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2"
          },
          {
            "model": "voice portal sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "model": "jdk 1.5.0 11",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "websphere cast iron cloud integration live saas offeri",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.2"
          },
          {
            "model": "ucosminexus developer light",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "smart analytics system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "56009.7"
          },
          {
            "model": "cosminexus server standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "4"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.4"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "jdk 1.5.0.0 04",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.2"
          },
          {
            "model": "enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "aura messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "model": "maximo asset management essentials",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.3"
          },
          {
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "aura communication manager utility services sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.16.1.0.9.8"
          },
          {
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.4"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2"
          },
          {
            "model": "jdk 1.5.0.0 06",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.5"
          },
          {
            "model": "tivoli monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.4.0.15"
          },
          {
            "model": "one-x client enablement service sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.1"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "model": "websphere ilog jrules",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "model": "ucosminexus application server light",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1"
          },
          {
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "model": "cosminexus application server standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "6"
          },
          {
            "model": "tivoli monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2"
          },
          {
            "model": "tivoli composite application manager for transactions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.1"
          },
          {
            "model": "cms r17",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1.4"
          },
          {
            "model": "uploader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wordpress",
            "version": "1.0"
          },
          {
            "model": "websphere cast iron cloud integration virtual applianc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "model": "cosminexus developer professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "6"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "12.2"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2"
          },
          {
            "model": "jre 1.5.0 09",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "model": "linux enterprise server for vmware sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "linux enterprise server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "tivoli composite application manager for transactions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.2"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.4"
          },
          {
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.04"
          },
          {
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.5"
          },
          {
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "tivoli remote control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.2"
          },
          {
            "model": "websphere cast iron cloud integration virtual applianc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3"
          },
          {
            "model": "websphere cast iron cloud integration physical applian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "model": "jre beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "model": "linux enterprise server for vmware sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.5.0.15"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1.1"
          },
          {
            "model": "tivoli system automation application manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2"
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "aura system manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "enterprise linux server eus 6.4.z",
            "scope": null,
            "trust": 0.3,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "cosminexus developer standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "6"
          },
          {
            "model": "enterprise server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "model": "jdk 07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.3"
          },
          {
            "model": "aura session manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "java sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "model": "ip office server edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "8.1"
          },
          {
            "model": "cosminexus application server enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "6"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8.2"
          },
          {
            "model": "cosminexus application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "5.0"
          },
          {
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.3"
          },
          {
            "model": "ucosminexus developer professional for plug-in",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "model": "enterprise linux hpc node optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.6"
          },
          {
            "model": "intelligent operations center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5"
          },
          {
            "model": "enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.3.8.3"
          },
          {
            "model": "tivoli endpoint manager for remote control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "model": "tivoli monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.2"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2.3"
          },
          {
            "model": "tivoli system automation for integrated operations management",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.1.4"
          },
          {
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.3"
          },
          {
            "model": "enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.3.9.3"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.3"
          },
          {
            "model": "jdk 1.5.0 11-b03",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2"
          },
          {
            "model": "virtualization engine ts7700",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "model": "tivoli system automation for multiplatforms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1"
          },
          {
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.5"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.5"
          },
          {
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1x8664"
          },
          {
            "model": "websphere message broker",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.4"
          },
          {
            "model": "tivoli system automation application manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1"
          },
          {
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.3"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.3"
          },
          {
            "model": "enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8"
          },
          {
            "model": "enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.2"
          },
          {
            "model": "websphere cast iron cloud integration live saas offeri",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.1"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "model": "aura messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "operational decision manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.1"
          },
          {
            "model": "tivoli monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.3"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2.2"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2.1"
          },
          {
            "model": "cosminexus studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "5"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.3"
          },
          {
            "model": "websphere message broker",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.1"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "model": "aura experience portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.2"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2"
          },
          {
            "model": "maximo asset management essentials",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.6"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.7"
          },
          {
            "model": "cosminexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "7.0"
          },
          {
            "model": "websphere message broker",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "model": "java jre/jdk for hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.6.0.18"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "model": "ucosminexus developer professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "aura experience portal sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "ucosminexus developer standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.8"
          },
          {
            "model": "cosminexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "9.0"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.3"
          },
          {
            "model": "aura presence services sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "aura system manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "tivoli system automation application manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.1"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.8"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8.3"
          },
          {
            "model": "aura system manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.1"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.2"
          },
          {
            "model": "cosminexus client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "model": "aura experience portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.1"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.4"
          },
          {
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "model": "jre 07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.2"
          },
          {
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.13"
          },
          {
            "model": "jdk 0 09",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.1"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.5"
          },
          {
            "model": "jre 1.5.0 08",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1.4"
          },
          {
            "model": "websphere cast iron cloud integration studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.7"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.2"
          },
          {
            "model": "ucosminexus application server smart edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "aura session manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "aura conferencing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.7"
          },
          {
            "model": "tivoli system automation for multiplatforms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2"
          },
          {
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "5"
          },
          {
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "model": "ip office application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "8.1"
          },
          {
            "model": "messaging application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.1"
          },
          {
            "model": "linux enterprise java sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1.2"
          },
          {
            "model": "websphere cast iron cloud integration physical applian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "model": "websphere cast iron cloud integration studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1.3"
          },
          {
            "model": "aura conferencing sp1 standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.0.1"
          },
          {
            "model": "one-x client enablement service sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.8"
          },
          {
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.5"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.3"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.1.0.9"
          },
          {
            "model": "tivoli provisioning manager for software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1"
          },
          {
            "model": "java se",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "model": "aura application server sip core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "53003.0"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.4"
          },
          {
            "model": "jdk 1.5.0 07-b03",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1.1"
          },
          {
            "model": "aura experience portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1"
          },
          {
            "model": "aura experience portal sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.5"
          },
          {
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "model": "operational decision manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2"
          },
          {
            "model": "cms r16",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "aura messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "aura system manager sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "aura system platform sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "model": "ucosminexus service platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.5"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "jdk 1.6.0 01-b06",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.2"
          },
          {
            "model": "aura conferencing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "model": "ucosminexus client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "aura system platform sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "6"
          },
          {
            "model": "tivoli system automation application manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.2"
          },
          {
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.1"
          },
          {
            "model": "enterprise linux desktop optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.1.1"
          },
          {
            "model": "tivoli composite application manager for transactions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.3.0"
          },
          {
            "model": "enterprise linux hpc node supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "ucosminexus application server standard-r",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2"
          },
          {
            "model": "jdk 1.5.0.0 03",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.4"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.0.9.8"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7"
          },
          {
            "model": "linux enterprise java sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.5"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "model": "tivoli composite application manager for transactions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.2"
          },
          {
            "model": "rational host on-demand",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.0"
          },
          {
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1"
          },
          {
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "model": "jdk 0 03",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "linux enterprise software development kit sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.12"
          },
          {
            "model": "linux enterprise desktop sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "aura conferencing standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "java jre/jdk for hp-ux",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.6.0.19.00"
          },
          {
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "model": "tivoli system automation for multiplatforms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.2"
          },
          {
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-13-073"
          },
          {
            "db": "BID",
            "id": "59167"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2420"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:*:update17:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.7.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:*:update17:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.7.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:*:update43:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.6.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:*:update43:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.6.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:*:update41:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.5.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.5.0:update40:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:*:update41:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.5.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-2420"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Vitaliy Toropov",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-13-073"
          },
          {
            "db": "BID",
            "id": "59167"
          }
        ],
        "trust": 1.0
      },
      "cve": "CVE-2013-2420",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2013-2420",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2013-2420",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ZDI",
                "id": "CVE-2013-2420",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2013-2420",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-13-073"
          },
          {
            "db": "VULMON",
            "id": "CVE-2013-2420"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2420"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.  NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient \"validation of images\" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the sun.awt.image.ImageRepresentation.setICMpixels\u0027 native function.  The issue lies in the handling of the scanlineStride argument, which is not properly validated before being used.  By manipulating the function\u0027s arguments an attacker can force an integer overflow to occur before indexing into an array.  An attacker can leverage this vulnerability to execute code under the context of the current process. Oracle Java SE is prone to an integer-overflow vulnerability in Java Runtime Environment. \nThis vulnerability affects the following supported versions:\n7 Update 17 ,  6 Update 43 ,  5.0 Update 41. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c03898880\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c03898880\nVersion: 1\n\nHPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE)\nand Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of\nInformation, and Other Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2013-08-19\nLast Updated: 2013-08-16\n\nPotential Security Impact: Remote unauthorized access, disclosure of\ninformation, and other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in Java5 Runtime\nEnvironment (JRE) and Java Developer Kit (JDK) running on HP-UX. These\nvulnerabilities could allow remote unauthorized access, disclosure of\ninformation, and other vulnerabilities. \nHP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v5.0.28 and\nearlier\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2013-0401    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1491    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1500    (AV:L/AC:L/Au:N/C:P/I:P/A:N)        3.6\nCVE-2013-1518    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1537    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1557    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1569    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1571    (AV:N/AC:M/Au:N/C:N/I:P/A:N)        4.3\nCVE-2013-2383    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-2384    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-2394    (AV:N/AC:H/Au:N/C:C/I:C/A:C)        7.6\nCVE-2013-2417    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2013-2419    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2013-2420    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-2424    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2013-2429    (AV:N/AC:H/Au:N/C:C/I:C/A:C)        7.6\nCVE-2013-2430    (AV:N/AC:H/Au:N/C:C/I:C/A:C)        7.6\nCVE-2013-2432    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-2433    (AV:N/AC:M/Au:N/C:N/I:P/A:N)        4.3\nCVE-2013-2439    (AV:L/AC:M/Au:N/C:C/I:C/A:C)        6.9\nCVE-2013-2444    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2013-2445    (AV:N/AC:L/Au:N/C:N/I:N/A:C)        7.8\nCVE-2013-2446    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2013-2447    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2013-2448    (AV:N/AC:H/Au:N/C:C/I:C/A:C)        7.6\nCVE-2013-2450    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2013-2452    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2013-2454    (AV:N/AC:M/Au:N/C:P/I:P/A:N)        5.8\nCVE-2013-2455    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2013-2456    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2013-2457    (AV:N/AC:L/Au:N/C:N/I:P/A:N)        5.0\nCVE-2013-2459    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-2463    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-2464    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-2465    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-2469    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-2470    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-2471    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-2472    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-2473    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-3743    (AV:N/AC:M/Au:N/C:C/I:C/A:C)        9.3\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following Java version upgrade to resolve these\nvulnerabilities. \n\nThe upgrade is available from the following location\nhttp://www.hp.com/go/java\nHP-UX Version\n HPJava Version\n\nB.11.11, B.11.23, B.11.31\n JDK / JRE v5.0.29 or subsequent\n\nMANUAL ACTIONS: Yes - Update\nFor Java v5.0 update to Java v5.0.29 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJdk15.JDK15-COM\nJdk15.JDK15-DEMO\nJdk15.JDK15-IPF32\nJdk15.JDK15-IPF64\nJre15.JRE15-COM\nJre15.JRE15-COM-DOC\nJre15.JRE15-IPF32\nJre15.JRE15-IPF32-HS\nJre15.JRE15-IPF64\nJre15.JRE15-IPF64-HS\naction: install revision 1.5.0.29.00 or subsequent\n\nHP-UX B.11.11\nHP-UX B.11.23\n===========\nJdk15.JDK15-COM\nJdk15.JDK15-DEMO\nJdk15.JDK15-PA20\nJdk15.JDK15-PA20W\nJre15.JRE15-COM\nJre15.JRE15-COM-DOC\nJre15.JRE15-PA20\nJre15.JRE15-PA20-HS\nJre15.JRE15-PA20W\nJre15.JRE15-PA20W-HS\naction: install revision 1.5.0.29.00 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 19 August 2013 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel.  For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2013 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits;damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n==========================================================================\nUbuntu Security Notice USN-1806-1\nApril 23, 2013\n\nopenjdk-7 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.10\n\nSummary:\n\nSeveral security issues were fixed in OpenJDK 7. \n\nSoftware Description:\n- openjdk-7: Open Source Java implementation\n\nDetails:\n\nBen Murphy discovered a vulnerability in the OpenJDK JRE related to\ninformation disclosure and data integrity. (CVE-2013-0401)\n\nJames Forshaw discovered a vulnerability in the OpenJDK JRE related to\ninformation disclosure, data integrity and availability. An attacker could\nexploit these to cause a denial of service or expose sensitive data over\nthe network. (CVE-2013-1518, CVE-2013-1537, CVE-2013-1557, CVE-2013-1569,\nCVE-2013-2383, CVE-2013-2384, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422,\nCVE-2013-2426, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2436)\n\nTwo vulnerabilities were discovered in the OpenJDK JRE related to\nconfidentiality. An attacker could exploit these to expose sensitive data\nover the network. (CVE-2013-2415, CVE-2013-2424)\n\nTwo vulnerabilities were discovered in the OpenJDK JRE related to\navailability. An attacker could exploit these to cause a denial of service. \n(CVE-2013-2417, CVE-2013-2419)\n\nA vulnerability was discovered in the OpenJDK JRE related to data\nintegrity. (CVE-2013-2423)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.10:\n  icedtea-7-jre-jamvm             7u21-2.3.9-0ubuntu0.12.10.1\n  openjdk-7-jre                   7u21-2.3.9-0ubuntu0.12.10.1\n  openjdk-7-jre-headless          7u21-2.3.9-0ubuntu0.12.10.1\n  openjdk-7-jre-lib               7u21-2.3.9-0ubuntu0.12.10.1\n  openjdk-7-jre-zero              7u21-2.3.9-0ubuntu0.12.10.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201406-32\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n    Title: IcedTea JDK: Multiple vulnerabilities\n     Date: June 29, 2014\n     Bugs: #312297, #330205, #340819, #346799, #352035, #353418,\n           #354231, #355127, #370787, #387637, #404095, #421031,\n           #429522, #433389, #438750, #442478, #457206, #458410,\n           #461714, #466822, #477210, #489570, #508270\n       ID: 201406-32\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the IcedTea JDK, the worst\nof which could lead to arbitrary code execution. \n\nBackground\n==========\n\nIcedTea is a distribution of the Java OpenJDK source code built with\nfree build tools. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  dev-java/icedtea-bin        \u003c 6.1.13.3               \u003e= 6.1.13.3 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in the IcedTea JDK. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, bypass intended security policies, or have other\nunspecified impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll IcedTea JDK users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev-java/icedtea-bin-6.1.13.3\"\n\nReferences\n==========\n\n[   1 ] CVE-2009-3555\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555\n[   2 ] CVE-2010-2548\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548\n[   3 ] CVE-2010-2783\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783\n[   4 ] CVE-2010-3541\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541\n[   5 ] CVE-2010-3548\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548\n[   6 ] CVE-2010-3549\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549\n[   7 ] CVE-2010-3551\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551\n[   8 ] CVE-2010-3553\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553\n[   9 ] CVE-2010-3554\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554\n[  10 ] CVE-2010-3557\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557\n[  11 ] CVE-2010-3561\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561\n[  12 ] CVE-2010-3562\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562\n[  13 ] CVE-2010-3564\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564\n[  14 ] CVE-2010-3565\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565\n[  15 ] CVE-2010-3566\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566\n[  16 ] CVE-2010-3567\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567\n[  17 ] CVE-2010-3568\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568\n[  18 ] CVE-2010-3569\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569\n[  19 ] CVE-2010-3573\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573\n[  20 ] CVE-2010-3574\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574\n[  21 ] CVE-2010-3860\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860\n[  22 ] CVE-2010-4351\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351\n[  23 ] CVE-2010-4448\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448\n[  24 ] CVE-2010-4450\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450\n[  25 ] CVE-2010-4465\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465\n[  26 ] CVE-2010-4467\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467\n[  27 ] CVE-2010-4469\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469\n[  28 ] CVE-2010-4470\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470\n[  29 ] CVE-2010-4471\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471\n[  30 ] CVE-2010-4472\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472\n[  31 ] CVE-2010-4476\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476\n[  32 ] CVE-2011-0025\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025\n[  33 ] CVE-2011-0706\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706\n[  34 ] CVE-2011-0815\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815\n[  35 ] CVE-2011-0822\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822\n[  36 ] CVE-2011-0862\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862\n[  37 ] CVE-2011-0864\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864\n[  38 ] CVE-2011-0865\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865\n[  39 ] CVE-2011-0868\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868\n[  40 ] CVE-2011-0869\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869\n[  41 ] CVE-2011-0870\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870\n[  42 ] CVE-2011-0871\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871\n[  43 ] CVE-2011-0872\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872\n[  44 ] CVE-2011-3389\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389\n[  45 ] CVE-2011-3521\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521\n[  46 ] CVE-2011-3544\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544\n[  47 ] CVE-2011-3547\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547\n[  48 ] CVE-2011-3548\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548\n[  49 ] CVE-2011-3551\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551\n[  50 ] CVE-2011-3552\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552\n[  51 ] CVE-2011-3553\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553\n[  52 ] CVE-2011-3554\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554\n[  53 ] CVE-2011-3556\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556\n[  54 ] CVE-2011-3557\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557\n[  55 ] CVE-2011-3558\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558\n[  56 ] CVE-2011-3560\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560\n[  57 ] CVE-2011-3563\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563\n[  58 ] CVE-2011-3571\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571\n[  59 ] CVE-2011-5035\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035\n[  60 ] CVE-2012-0497\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497\n[  61 ] CVE-2012-0501\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501\n[  62 ] CVE-2012-0502\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502\n[  63 ] CVE-2012-0503\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503\n[  64 ] CVE-2012-0505\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505\n[  65 ] CVE-2012-0506\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506\n[  66 ] CVE-2012-0547\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547\n[  67 ] CVE-2012-1711\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711\n[  68 ] CVE-2012-1713\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713\n[  69 ] CVE-2012-1716\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716\n[  70 ] CVE-2012-1717\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717\n[  71 ] CVE-2012-1718\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718\n[  72 ] CVE-2012-1719\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719\n[  73 ] CVE-2012-1723\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723\n[  74 ] CVE-2012-1724\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724\n[  75 ] CVE-2012-1725\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725\n[  76 ] CVE-2012-1726\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726\n[  77 ] CVE-2012-3216\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216\n[  78 ] CVE-2012-3422\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422\n[  79 ] CVE-2012-3423\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423\n[  80 ] CVE-2012-4416\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416\n[  81 ] CVE-2012-4540\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540\n[  82 ] CVE-2012-5068\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068\n[  83 ] CVE-2012-5069\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069\n[  84 ] CVE-2012-5070\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070\n[  85 ] CVE-2012-5071\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071\n[  86 ] CVE-2012-5072\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072\n[  87 ] CVE-2012-5073\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073\n[  88 ] CVE-2012-5074\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074\n[  89 ] CVE-2012-5075\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075\n[  90 ] CVE-2012-5076\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076\n[  91 ] CVE-2012-5077\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077\n[  92 ] CVE-2012-5081\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081\n[  93 ] CVE-2012-5084\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084\n[  94 ] CVE-2012-5085\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085\n[  95 ] CVE-2012-5086\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086\n[  96 ] CVE-2012-5087\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087\n[  97 ] CVE-2012-5089\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089\n[  98 ] CVE-2012-5979\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979\n[  99 ] CVE-2013-0169\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169\n[ 100 ] CVE-2013-0401\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401\n[ 101 ] CVE-2013-0424\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424\n[ 102 ] CVE-2013-0425\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425\n[ 103 ] CVE-2013-0426\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426\n[ 104 ] CVE-2013-0427\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427\n[ 105 ] CVE-2013-0428\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428\n[ 106 ] CVE-2013-0429\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429\n[ 107 ] CVE-2013-0431\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431\n[ 108 ] CVE-2013-0432\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432\n[ 109 ] CVE-2013-0433\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433\n[ 110 ] CVE-2013-0434\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434\n[ 111 ] CVE-2013-0435\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435\n[ 112 ] CVE-2013-0440\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440\n[ 113 ] CVE-2013-0441\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441\n[ 114 ] CVE-2013-0442\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442\n[ 115 ] CVE-2013-0443\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443\n[ 116 ] CVE-2013-0444\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444\n[ 117 ] CVE-2013-0450\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450\n[ 118 ] CVE-2013-0809\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809\n[ 119 ] CVE-2013-1475\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475\n[ 120 ] CVE-2013-1476\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476\n[ 121 ] CVE-2013-1478\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478\n[ 122 ] CVE-2013-1480\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480\n[ 123 ] CVE-2013-1484\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484\n[ 124 ] CVE-2013-1485\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485\n[ 125 ] CVE-2013-1486\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486\n[ 126 ] CVE-2013-1488\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488\n[ 127 ] CVE-2013-1493\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493\n[ 128 ] CVE-2013-1500\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500\n[ 129 ] CVE-2013-1518\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518\n[ 130 ] CVE-2013-1537\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537\n[ 131 ] CVE-2013-1557\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557\n[ 132 ] CVE-2013-1569\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569\n[ 133 ] CVE-2013-1571\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571\n[ 134 ] CVE-2013-2383\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383\n[ 135 ] CVE-2013-2384\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384\n[ 136 ] CVE-2013-2407\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407\n[ 137 ] CVE-2013-2412\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412\n[ 138 ] CVE-2013-2415\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415\n[ 139 ] CVE-2013-2417\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417\n[ 140 ] CVE-2013-2419\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419\n[ 141 ] CVE-2013-2420\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420\n[ 142 ] CVE-2013-2421\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421\n[ 143 ] CVE-2013-2422\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422\n[ 144 ] CVE-2013-2423\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423\n[ 145 ] CVE-2013-2424\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424\n[ 146 ] CVE-2013-2426\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426\n[ 147 ] CVE-2013-2429\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429\n[ 148 ] CVE-2013-2430\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430\n[ 149 ] CVE-2013-2431\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431\n[ 150 ] CVE-2013-2436\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436\n[ 151 ] CVE-2013-2443\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443\n[ 152 ] CVE-2013-2444\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444\n[ 153 ] CVE-2013-2445\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445\n[ 154 ] CVE-2013-2446\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446\n[ 155 ] CVE-2013-2447\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447\n[ 156 ] CVE-2013-2448\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448\n[ 157 ] CVE-2013-2449\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449\n[ 158 ] CVE-2013-2450\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450\n[ 159 ] CVE-2013-2451\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451\n[ 160 ] CVE-2013-2452\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452\n[ 161 ] CVE-2013-2453\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453\n[ 162 ] CVE-2013-2454\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454\n[ 163 ] CVE-2013-2455\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455\n[ 164 ] CVE-2013-2456\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456\n[ 165 ] CVE-2013-2457\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457\n[ 166 ] CVE-2013-2458\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458\n[ 167 ] CVE-2013-2459\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459\n[ 168 ] CVE-2013-2460\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460\n[ 169 ] CVE-2013-2461\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461\n[ 170 ] CVE-2013-2463\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463\n[ 171 ] CVE-2013-2465\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465\n[ 172 ] CVE-2013-2469\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469\n[ 173 ] CVE-2013-2470\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470\n[ 174 ] CVE-2013-2471\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471\n[ 175 ] CVE-2013-2472\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472\n[ 176 ] CVE-2013-2473\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473\n[ 177 ] CVE-2013-3829\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829\n[ 178 ] CVE-2013-4002\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002\n[ 179 ] CVE-2013-5772\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772\n[ 180 ] CVE-2013-5774\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774\n[ 181 ] CVE-2013-5778\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778\n[ 182 ] CVE-2013-5780\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780\n[ 183 ] CVE-2013-5782\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782\n[ 184 ] CVE-2013-5783\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783\n[ 185 ] CVE-2013-5784\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784\n[ 186 ] CVE-2013-5790\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790\n[ 187 ] CVE-2013-5797\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797\n[ 188 ] CVE-2013-5800\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800\n[ 189 ] CVE-2013-5802\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802\n[ 190 ] CVE-2013-5803\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803\n[ 191 ] CVE-2013-5804\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804\n[ 192 ] CVE-2013-5805\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805\n[ 193 ] CVE-2013-5806\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806\n[ 194 ] CVE-2013-5809\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809\n[ 195 ] CVE-2013-5814\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814\n[ 196 ] CVE-2013-5817\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817\n[ 197 ] CVE-2013-5820\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820\n[ 198 ] CVE-2013-5823\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823\n[ 199 ] CVE-2013-5825\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825\n[ 200 ] CVE-2013-5829\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829\n[ 201 ] CVE-2013-5830\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830\n[ 202 ] CVE-2013-5840\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840\n[ 203 ] CVE-2013-5842\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842\n[ 204 ] CVE-2013-5849\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849\n[ 205 ] CVE-2013-5850\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850\n[ 206 ] CVE-2013-5851\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851\n[ 207 ] CVE-2013-6629\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629\n[ 208 ] CVE-2013-6954\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954\n[ 209 ] CVE-2014-0429\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429\n[ 210 ] CVE-2014-0446\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446\n[ 211 ] CVE-2014-0451\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451\n[ 212 ] CVE-2014-0452\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452\n[ 213 ] CVE-2014-0453\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453\n[ 214 ] CVE-2014-0456\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456\n[ 215 ] CVE-2014-0457\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457\n[ 216 ] CVE-2014-0458\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458\n[ 217 ] CVE-2014-0459\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459\n[ 218 ] CVE-2014-0460\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460\n[ 219 ] CVE-2014-0461\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461\n[ 220 ] CVE-2014-1876\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876\n[ 221 ] CVE-2014-2397\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397\n[ 222 ] CVE-2014-2398\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398\n[ 223 ] CVE-2014-2403\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403\n[ 224 ] CVE-2014-2412\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412\n[ 225 ] CVE-2014-2414\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414\n[ 226 ] CVE-2014-2421\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421\n[ 227 ] CVE-2014-2423\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423\n[ 228 ] CVE-2014-2427\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201406-32.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: java-1.7.0-openjdk security update\nAdvisory ID:       RHSA-2013:0752-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2013-0752.html\nIssue date:        2013-04-17\nCVE Names:         CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 \n                   CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 \n                   CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 \n                   CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 \n                   CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 \n                   CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 \n                   CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 \n                   CVE-2013-2436 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.7.0-openjdk packages that fix various security issues are\nnow available for Red Hat Enterprise Linux 5. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux (v. 5 server) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\n\n3. Description:\n\nThese packages provide the OpenJDK 7 Java Runtime Environment and the\nOpenJDK 7 Software Development Kit. \n\nMultiple flaws were discovered in the font layout engine in the 2D\ncomponent. An untrusted Java application or applet could possibly use these\nflaws to trigger Java Virtual Machine memory corruption. (CVE-2013-1569,\nCVE-2013-2383, CVE-2013-2384)\n\nMultiple improper permission check issues were discovered in the Beans,\nLibraries, JAXP, and RMI components in OpenJDK. An untrusted Java\napplication or applet could use these flaws to bypass Java sandbox\nrestrictions. (CVE-2013-1558, CVE-2013-2422, CVE-2013-2436, CVE-2013-1518,\nCVE-2013-1557)\n\nThe previous default value of the java.rmi.server.useCodebaseOnly property\npermitted the RMI implementation to automatically load classes from\nremotely specified locations. (CVE-2013-1537)\n\nNote: The fix for CVE-2013-1537 changes the default value of the property\nto true, restricting class loading to the local CLASSPATH and locations\nspecified in the java.rmi.server.codebase property. Refer to Red Hat\nBugzilla bug 952387 for additional details. \n\nThe 2D component did not properly process certain images. An untrusted Java\napplication or applet could possibly use this flaw to trigger Java Virtual\nMachine memory corruption. (CVE-2013-2420)\n\nIt was discovered that the Hotspot component did not properly handle\ncertain intrinsic frames, and did not correctly perform access checks and\nMethodHandle lookups. An untrusted Java application or applet could\nuse these flaws to bypass Java sandbox restrictions. (CVE-2013-2431,\nCVE-2013-2421, CVE-2013-2423)\n\nIt was discovered that JPEGImageReader and JPEGImageWriter in the ImageIO\ncomponent did not protect against modification of their state while\nperforming certain native code operations. An untrusted Java application or\napplet could possibly use these flaws to trigger Java Virtual Machine\nmemory corruption. (CVE-2013-2429, CVE-2013-2430)\n\nThe JDBC driver manager could incorrectly call the toString() method in\nJDBC drivers, and the ConcurrentHashMap class could incorrectly call the\ndefaultReadObject() method. An untrusted Java application or applet could\npossibly use these flaws to bypass Java sandbox restrictions. \n(CVE-2013-1488, CVE-2013-2426)\n\nThe sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly\ninvoke the system class loader. An untrusted Java application or applet\ncould possibly use this flaw to bypass certain Java sandbox restrictions. \n(CVE-2013-0401)\n\nFlaws were discovered in the Network component\u0027s InetAddress serialization,\nand the 2D component\u0027s font handling. An untrusted Java application or\napplet could possibly use these flaws to crash the Java Virtual Machine. \n(CVE-2013-2417, CVE-2013-2419)\n\nThe MBeanInstantiator class implementation in the OpenJDK JMX component did\nnot properly check class access before creating new instances. An untrusted\nJava application or applet could use this flaw to create instances of\nnon-public classes. (CVE-2013-2424)\n\nIt was discovered that JAX-WS could possibly create temporary files with\ninsecure permissions. A local attacker could use this flaw to access\ntemporary files created by an application using JAX-WS. (CVE-2013-2415)\n\nThis erratum also upgrades the OpenJDK package to IcedTea7 2.3.9. Refer to\nthe NEWS file, linked to in the References, for further information. \n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n920245 - CVE-2013-0401 OpenJDK: unspecified sandbox bypass (CanSecWest 2013, AWT)\n920247 - CVE-2013-1488 OpenJDK: unspecified sanbox bypass (CanSecWest 2013, Libraries)\n952387 - CVE-2013-1537 OpenJDK: remote code loading enabled by default (RMI, 8001040)\n952389 - CVE-2013-2415 OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542)\n952398 - CVE-2013-2423 OpenJDK: incorrect setter access checks in MethodHandles (Hostspot, 8009677)\n952509 - CVE-2013-2424 OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435)\n952521 - CVE-2013-2429 OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)\n952524 - CVE-2013-2430 OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)\n952550 - CVE-2013-2436 OpenJDK: Wrapper.convert insufficient type checks (Libraries, 8009049)\n952638 - CVE-2013-2420 OpenJDK: image processing vulnerability (2D, 8007617)\n952640 - CVE-2013-1558 OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507)\n952642 - CVE-2013-2422 OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)\n952645 - CVE-2013-2431 OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)\n952646 - CVE-2013-1518 OpenJDK: JAXP missing security restrictions (JAXP, 6657673)\n952648 - CVE-2013-1557 OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)\n952649 - CVE-2013-2421 OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)\n952653 - CVE-2013-2426 OpenJDK: ConcurrentHashMap incorrectly calls defaultReadObject() method (Libraries, 8009063)\n952656 - CVE-2013-2419 OpenJDK: font processing errors (2D, 8001031)\n952657 - CVE-2013-2417 OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724)\n952708 - CVE-2013-2383 OpenJDK: font layout and glyph table errors (2D, 8004986)\n952709 - CVE-2013-2384 OpenJDK: font layout and glyph table errors (2D, 8004987)\n952711 - CVE-2013-1569 OpenJDK: font layout and glyph table errors (2D, 8004994)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el5_9.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.19-2.3.9.1.el5_9.i386.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el5_9.i386.rpm\njava-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el5_9.i386.rpm\njava-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el5_9.i386.rpm\njava-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el5_9.i386.rpm\njava-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el5_9.i386.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm\njava-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el5_9.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.19-2.3.9.1.el5_9.i386.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el5_9.i386.rpm\njava-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el5_9.i386.rpm\njava-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el5_9.i386.rpm\njava-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el5_9.i386.rpm\njava-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el5_9.i386.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm\njava-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el5_9.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0401.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1488.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1518.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1537.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1557.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1558.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1569.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2383.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2384.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2415.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2417.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2419.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2420.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2421.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2422.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2423.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2424.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2426.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2429.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2430.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2431.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2436.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttp://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.9/NEWS\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRbvJKXlSAg2UNWIIRAqUrAJ9Z/4p4Hfhem2IW/HyrENsM6alnkACeJrNj\nu7V5CaCh5MYZ84AllqEIm+E=\n=pvGZ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. In a typical operating environment, these are of low security risk as\nthe runtime is not used on untrusted applets. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch Update Advisory page, listed in the References section.  The verification\n of md5 checksums and GPG signatures is performed automatically for you.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFRcSLkmqjQ0CJFipgRAsEgAJ4gHSUUcP7uDS3JIxzQZxnCLwXe1QCfTQXq\no4NG1rmFdAUfR4q/O/aHdtM=\n=EXuM\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-2420"
          },
          {
            "db": "ZDI",
            "id": "ZDI-13-073"
          },
          {
            "db": "BID",
            "id": "59167"
          },
          {
            "db": "VULMON",
            "id": "CVE-2013-2420"
          },
          {
            "db": "PACKETSTORM",
            "id": "122879"
          },
          {
            "db": "PACKETSTORM",
            "id": "121395"
          },
          {
            "db": "PACKETSTORM",
            "id": "127267"
          },
          {
            "db": "PACKETSTORM",
            "id": "121321"
          },
          {
            "db": "PACKETSTORM",
            "id": "121703"
          },
          {
            "db": "PACKETSTORM",
            "id": "123735"
          },
          {
            "db": "PACKETSTORM",
            "id": "121630"
          },
          {
            "db": "PACKETSTORM",
            "id": "121555"
          },
          {
            "db": "PACKETSTORM",
            "id": "121351"
          },
          {
            "db": "PACKETSTORM",
            "id": "121361"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-2420",
            "trust": 3.1
          },
          {
            "db": "BID",
            "id": "59167",
            "trust": 1.4
          },
          {
            "db": "USCERT",
            "id": "TA13-107A",
            "trust": 1.1
          },
          {
            "db": "ZDI",
            "id": "ZDI-13-073",
            "trust": 1.0
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-1716",
            "trust": 0.7
          },
          {
            "db": "HITACHI",
            "id": "HS13-010",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-213-02",
            "trust": 0.3
          },
          {
            "db": "VULMON",
            "id": "CVE-2013-2420",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "122879",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121395",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "127267",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121321",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121703",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "123735",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121630",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121555",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121351",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121361",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-13-073"
          },
          {
            "db": "VULMON",
            "id": "CVE-2013-2420"
          },
          {
            "db": "BID",
            "id": "59167"
          },
          {
            "db": "PACKETSTORM",
            "id": "122879"
          },
          {
            "db": "PACKETSTORM",
            "id": "121395"
          },
          {
            "db": "PACKETSTORM",
            "id": "127267"
          },
          {
            "db": "PACKETSTORM",
            "id": "121321"
          },
          {
            "db": "PACKETSTORM",
            "id": "121703"
          },
          {
            "db": "PACKETSTORM",
            "id": "123735"
          },
          {
            "db": "PACKETSTORM",
            "id": "121630"
          },
          {
            "db": "PACKETSTORM",
            "id": "121555"
          },
          {
            "db": "PACKETSTORM",
            "id": "121351"
          },
          {
            "db": "PACKETSTORM",
            "id": "121361"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2420"
          }
        ]
      },
      "id": "VAR-201304-0375",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 1.0
      },
      "last_update_date": "2024-07-23T22:01:08.426000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Oracle has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
          },
          {
            "title": "Red Hat: CVE-2013-2420",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2013-2420"
          },
          {
            "title": "Red Hat: Important: java-1.6.0-openjdk security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20130770 - security advisory"
          },
          {
            "title": "Red Hat: Critical: java-1.7.0-openjdk security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20130751 - security advisory"
          },
          {
            "title": "Red Hat: Critical: java-1.6.0-ibm security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20130823 - security advisory"
          },
          {
            "title": "Red Hat: Critical: java-1.6.0-sun security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20130758 - security advisory"
          },
          {
            "title": "Red Hat: Important: java-1.7.0-openjdk security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20130752 - security advisory"
          },
          {
            "title": "Red Hat: Critical: java-1.7.0-oracle security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20130757 - security advisory"
          },
          {
            "title": "Ubuntu Security Notice: openjdk-6 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1819-1"
          },
          {
            "title": "Ubuntu Security Notice: openjdk-7 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1806-1"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2013-185",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2013-185"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2013-183",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2013-183"
          },
          {
            "title": "Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20131456 - security advisory"
          },
          {
            "title": "Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20131455 - security advisory"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-13-073"
          },
          {
            "db": "VULMON",
            "id": "CVE-2013-2420"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-2420"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
          },
          {
            "trust": 1.2,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-0752.html"
          },
          {
            "trust": 1.2,
            "url": "http://www.ubuntu.com/usn/usn-1806-1"
          },
          {
            "trust": 1.2,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-0757.html"
          },
          {
            "trust": 1.2,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-1456.html"
          },
          {
            "trust": 1.2,
            "url": "https://wiki.mageia.org/en/support/advisories/mgasa-2013-0124"
          },
          {
            "trust": 1.2,
            "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-april/022796.html"
          },
          {
            "trust": 1.2,
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-0758.html"
          },
          {
            "trust": 1.1,
            "url": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html"
          },
          {
            "trust": 1.1,
            "url": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/"
          },
          {
            "trust": 1.1,
            "url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/cf93d3828aa8"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html"
          },
          {
            "trust": 1.1,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952638"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00007.html"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03898880"
          },
          {
            "trust": 1.1,
            "url": "http://www.us-cert.gov/ncas/alerts/ta13-107a"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-1455.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2013/apr/msg00001.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2013:145"
          },
          {
            "trust": 1.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgasa-2013-0130"
          },
          {
            "trust": 1.1,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2013:161"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/59167"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19704"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19354"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16597"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1569"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0401"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2420"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2383"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1557"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2384"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2419"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1537"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2417"
          },
          {
            "trust": 0.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2430"
          },
          {
            "trust": 0.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2429"
          },
          {
            "trust": 0.6,
            "url": "https://downloads.avaya.com/css/p8/documents/100172168"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2424"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1518"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2422"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1488"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2415"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1558"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2421"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2426"
          },
          {
            "trust": 0.5,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1569.html"
          },
          {
            "trust": 0.5,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2417.html"
          },
          {
            "trust": 0.5,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2419.html"
          },
          {
            "trust": 0.5,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0401.html"
          },
          {
            "trust": 0.5,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2430.html"
          },
          {
            "trust": 0.5,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1537.html"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.5,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.5,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2383.html"
          },
          {
            "trust": 0.5,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1557.html"
          },
          {
            "trust": 0.5,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2424.html"
          },
          {
            "trust": 0.5,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2384.html"
          },
          {
            "trust": 0.5,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2429.html"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.5,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.5,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2420.html"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1491"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2394"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2431"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2423"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2422.html"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/knowledge/articles/11258"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2394.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2432.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1491.html"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001531"
          },
          {
            "trust": 0.3,
            "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#oracle_april_16_2013_cpu"
          },
          {
            "trust": 0.3,
            "url": "https://downloads.avaya.com/css/p8/documents/100172719"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21649510"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034690"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034225"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-02"
          },
          {
            "trust": 0.3,
            "url": "http://prod.lists.apple.com/archives/security-announce/2013/apr/msg00001.html"
          },
          {
            "trust": 0.3,
            "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03809278"
          },
          {
            "trust": 0.3,
            "url": "http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.jz8iz8..t.d3wy.82bm.bw89mq%5f%5fcviafmb0"
          },
          {
            "trust": 0.3,
            "url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs13-010/index.html"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640206"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21637512"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640420"
          },
          {
            "trust": 0.3,
            "url": "https://downloads.avaya.com/css/p8/documents/100172158"
          },
          {
            "trust": 0.3,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00001.html"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633170"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640763"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645096"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645100"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643544"
          },
          {
            "trust": 0.3,
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21649300"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644918"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647384"
          },
          {
            "trust": 0.3,
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21643697"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642358"
          },
          {
            "trust": 0.3,
            "url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004513"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21649318"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643618"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643513"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645425"
          },
          {
            "trust": 0.3,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-13-073/"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2432"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2436"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2426.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2436.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2415.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1558.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1488.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2423.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0169.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1540.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2435.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2418.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1563.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2433.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2440.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2433"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1518.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2421.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2431.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0169"
          },
          {
            "trust": 0.2,
            "url": "https://www.ibm.com/developerworks/java/jdk/alerts/"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2416.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2416"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2438.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2418"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2434.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1540"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1563"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=29297"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2013-2420"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/1819-1/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2445"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2447"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2439"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1500"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2452"
          },
          {
            "trust": 0.1,
            "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1571"
          },
          {
            "trust": 0.1,
            "url": "http://www.hp.com/go/java"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2448"
          },
          {
            "trust": 0.1,
            "url": "https://www.hp.com/go/swa"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2454"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2446"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2444"
          },
          {
            "trust": 0.1,
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
          },
          {
            "trust": 0.1,
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2450"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openjdk-7/7u21-2.3.9-0ubuntu0.12.10.1"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4470"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3562"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3567"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3568"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3541"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3566"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2783"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3564"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4465"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2548"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3554"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4469"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3569"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3573"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3548"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3549"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3565"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3860"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3574"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3553"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4450"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4467"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4448"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3561"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4351"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3551"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3557"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089"
          },
          {
            "trust": 0.1,
            "url": "http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.9/news"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2013-0855.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2468.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1476.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2463.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2446.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3342"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/site/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1500.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0428.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1480.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4823"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2444.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0425.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2454.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5089.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1722.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5079.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0419.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1721.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5081.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0409.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5071.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0423.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1532.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-3216.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5069.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3143"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1541"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5084.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0443.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2451.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0809.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1487.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0351.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1719"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1533"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-4820.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0427.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0433.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1493.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5073.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-4823.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2456.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-3743.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#low"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2407.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2470.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5068.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4822"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3216"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0547"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1541.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5068"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-4822.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-3159.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1725"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1532"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5075.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2471.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3213"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5069"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2443.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0551"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1713.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-3213.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0441.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2457.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2412.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5072.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1718.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0432.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0446.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4820"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1481.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1717.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1531.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2447.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2452.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0450.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2464.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1571.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1717"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1473.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-0547.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2465.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2472.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1722"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2466.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2453.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1716"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2473.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2437.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1716.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5083.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1533.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-3342.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0426.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2450.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1718"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-3143.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0440.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1531"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1725.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0445.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2455.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1682.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2442.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2459.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5071"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1713"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5072"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0442.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-0551.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0424.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1682"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2448.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1719.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1486.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1721"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3159"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2469.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0438.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5073"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1478.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0435.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0434.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2434"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2013-0822.html"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.5-0ubuntu0.10.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.5-0ubuntu0.11.10.1"
          },
          {
            "trust": 0.1,
            "url": "http://www.ubuntu.com/usn/usn-1819-1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.5-0ubuntu0.12.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1564"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0402.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2427.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2439.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1561"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2414.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2425"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1561.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0402"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2428.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2414"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1564.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2425.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2431"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2426"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2421"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1569"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2420"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1488"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1518"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2419"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2384"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/"
          },
          {
            "trust": 0.1,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952387"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2417"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0401"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2429"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1557"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2383"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1537"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2415"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2424"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2430"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2422"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-13-073"
          },
          {
            "db": "VULMON",
            "id": "CVE-2013-2420"
          },
          {
            "db": "BID",
            "id": "59167"
          },
          {
            "db": "PACKETSTORM",
            "id": "122879"
          },
          {
            "db": "PACKETSTORM",
            "id": "121395"
          },
          {
            "db": "PACKETSTORM",
            "id": "127267"
          },
          {
            "db": "PACKETSTORM",
            "id": "121321"
          },
          {
            "db": "PACKETSTORM",
            "id": "121703"
          },
          {
            "db": "PACKETSTORM",
            "id": "123735"
          },
          {
            "db": "PACKETSTORM",
            "id": "121630"
          },
          {
            "db": "PACKETSTORM",
            "id": "121555"
          },
          {
            "db": "PACKETSTORM",
            "id": "121351"
          },
          {
            "db": "PACKETSTORM",
            "id": "121361"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2420"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "ZDI",
            "id": "ZDI-13-073"
          },
          {
            "db": "VULMON",
            "id": "CVE-2013-2420"
          },
          {
            "db": "BID",
            "id": "59167"
          },
          {
            "db": "PACKETSTORM",
            "id": "122879"
          },
          {
            "db": "PACKETSTORM",
            "id": "121395"
          },
          {
            "db": "PACKETSTORM",
            "id": "127267"
          },
          {
            "db": "PACKETSTORM",
            "id": "121321"
          },
          {
            "db": "PACKETSTORM",
            "id": "121703"
          },
          {
            "db": "PACKETSTORM",
            "id": "123735"
          },
          {
            "db": "PACKETSTORM",
            "id": "121630"
          },
          {
            "db": "PACKETSTORM",
            "id": "121555"
          },
          {
            "db": "PACKETSTORM",
            "id": "121351"
          },
          {
            "db": "PACKETSTORM",
            "id": "121361"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2420"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-05-10T00:00:00",
            "db": "ZDI",
            "id": "ZDI-13-073"
          },
          {
            "date": "2013-04-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2013-2420"
          },
          {
            "date": "2013-04-16T00:00:00",
            "db": "BID",
            "id": "59167"
          },
          {
            "date": "2013-08-20T17:55:00",
            "db": "PACKETSTORM",
            "id": "122879"
          },
          {
            "date": "2013-04-23T20:22:00",
            "db": "PACKETSTORM",
            "id": "121395"
          },
          {
            "date": "2014-06-30T23:39:28",
            "db": "PACKETSTORM",
            "id": "127267"
          },
          {
            "date": "2013-04-18T00:00:20",
            "db": "PACKETSTORM",
            "id": "121321"
          },
          {
            "date": "2013-05-23T00:42:44",
            "db": "PACKETSTORM",
            "id": "121703"
          },
          {
            "date": "2013-10-23T22:58:21",
            "db": "PACKETSTORM",
            "id": "123735"
          },
          {
            "date": "2013-05-14T20:49:18",
            "db": "PACKETSTORM",
            "id": "121630"
          },
          {
            "date": "2013-05-07T20:22:00",
            "db": "PACKETSTORM",
            "id": "121555"
          },
          {
            "date": "2013-04-19T06:13:57",
            "db": "PACKETSTORM",
            "id": "121351"
          },
          {
            "date": "2013-04-19T19:11:00",
            "db": "PACKETSTORM",
            "id": "121361"
          },
          {
            "date": "2013-04-17T18:55:07.017000",
            "db": "NVD",
            "id": "CVE-2013-2420"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-05-10T00:00:00",
            "db": "ZDI",
            "id": "ZDI-13-073"
          },
          {
            "date": "2017-09-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2013-2420"
          },
          {
            "date": "2017-08-11T21:10:00",
            "db": "BID",
            "id": "59167"
          },
          {
            "date": "2022-05-13T14:52:57.210000",
            "db": "NVD",
            "id": "CVE-2013-2420"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "59167"
          }
        ],
        "trust": 0.3
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Oracle Java setICMpixels Remote Code Execution Vulnerability",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-13-073"
          }
        ],
        "trust": 0.7
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Unknown",
        "sources": [
          {
            "db": "BID",
            "id": "59167"
          }
        ],
        "trust": 0.3
      }
    }

    VAR-200810-0140

    Vulnerability from variot - Updated: 2024-07-23 21:57

    Unspecified vulnerability in Finder in Mac OS X 10.5.5 allows user-assisted attackers to cause a denial of service (continuous termination and restart) via a crafted Desktop file that generates an error when producing its icon, related to an "error recovery issue.". A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Apple Finder is prone to a denial-of-service vulnerability. This issue arises when the application tries to create an icon for maliciously crafted files that are located on the desktop. Successful exploits may allow attackers to crash the affected application, denying service to legitimate users. This issue affects Mac OS X v10.5.5 and Mac OS X Server v10.5.5. NOTE: This issue was previously covered in BID 31681 (Apple Mac OS X 2008-007 Multiple Security Vulnerabilities) but has been given its own record to better document the vulnerability. The security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. A false discovery issue exists in the Finder where malicious files on the desktop can cause the Finder to terminate unexpectedly when generating icons, and the Finder will continue to restart and terminate. Until this file is deleted, the user account cannot be accessed through the Finder user interface.


    Bist Du interessiert an einem neuen Job in IT-Sicherheit?

    Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/


    TITLE: phpPgAds XML-RPC PHP Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA15884

    VERIFY ADVISORY: http://secunia.com/advisories/15884/

    CRITICAL: Highly critical

    IMPACT: System access

    WHERE:

    From remote

    SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/

    DESCRIPTION: A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system.

    For more information: SA15852

    SOLUTION: Update to version 2.0.5. http://sourceforge.net/project/showfiles.php?group_id=36679

    OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200810-0140",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.5"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.5"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "drupal",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pear xml rpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpxmlrpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postnuke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "serendipity",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wordpress",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xoops",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpmyfaq",
            "version": null
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.5"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.5"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "BID",
            "id": "31720"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001813"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-162"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3643"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-3643"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "regenrechtSergio AlvarezRalf Meyer",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-162"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-3643",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 7.8,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2008-3643",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-33768",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2008-3643",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#442845",
                "trust": 0.8,
                "value": "20.75"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200810-162",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-33768",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33768"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001813"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-162"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3643"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Unspecified vulnerability in Finder in Mac OS X 10.5.5 allows user-assisted attackers to cause a denial of service (continuous termination and restart) via a crafted Desktop file that generates an error when producing its icon, related to an \"error recovery issue.\". A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Apple Finder is prone to a denial-of-service vulnerability. \nThis issue arises when the application tries to create an icon for maliciously crafted files that are located on the desktop. Successful exploits may allow attackers to crash the affected application, denying service to legitimate users. \nThis issue affects Mac OS X v10.5.5 and Mac OS X Server v10.5.5. \nNOTE: This issue was previously covered in BID 31681 (Apple Mac OS X 2008-007 Multiple Security Vulnerabilities) but has been given its own record to better document the vulnerability. \nThe security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. A false discovery issue exists in the Finder where malicious files on the desktop can cause the Finder to terminate unexpectedly when generating icons, and the Finder will continue to restart and terminate. Until this file is deleted, the user account cannot be accessed through the Finder user interface. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nphpPgAds XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15884\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15884/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nphpPgAds 2.x\nhttp://secunia.com/product/4577/\n\nDESCRIPTION:\nA vulnerability has been reported in phpPgAds, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 2.0.5. \nhttp://sourceforge.net/project/showfiles.php?group_id=36679\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-3643"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001813"
          },
          {
            "db": "BID",
            "id": "31720"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33768"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          }
        ],
        "trust": 3.06
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-3643",
            "trust": 3.1
          },
          {
            "db": "BID",
            "id": "31720",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "32222",
            "trust": 2.5
          },
          {
            "db": "BID",
            "id": "31681",
            "trust": 2.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2780",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1021024",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "45780",
            "trust": 1.4
          },
          {
            "db": "SECUNIA",
            "id": "15884",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "15810",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15922",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15852",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15855",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15861",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15862",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15872",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15883",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15895",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14088",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014327",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001813",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-162",
            "trust": 0.7
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-10-09",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-33768",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "38390",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33768"
          },
          {
            "db": "BID",
            "id": "31720"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001813"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-162"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3643"
          }
        ]
      },
      "id": "VAR-200810-0140",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33768"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-07-23T21:57:09.157000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HT3216",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3216"
          },
          {
            "title": "HT3216",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3216?viewlocale=ja_jp"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001813"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-3643"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/31720"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/32222"
          },
          {
            "trust": 2.3,
            "url": "http://support.apple.com/kb/ht3216"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2008/oct/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/31681"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id?1021024"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2008/2780"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/45780"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2780"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45780"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15884/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15852/"
          },
          {
            "trust": 0.8,
            "url": "http://www.hardened-php.net/advisory-022005.php"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15861/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15862/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15895/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15883/"
          },
          {
            "trust": 0.8,
            "url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15855/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15810/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15872/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15922/"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14088"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3643"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3643"
          },
          {
            "trust": 0.6,
            "url": "http://www.apple.com/macosx/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4577/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_vacancies/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=36679"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33768"
          },
          {
            "db": "BID",
            "id": "31720"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001813"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-162"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3643"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33768"
          },
          {
            "db": "BID",
            "id": "31720"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001813"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-162"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3643"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2005-07-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2008-10-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-33768"
          },
          {
            "date": "2008-10-09T00:00:00",
            "db": "BID",
            "id": "31720"
          },
          {
            "date": "2008-10-09T00:00:00",
            "db": "BID",
            "id": "31681"
          },
          {
            "date": "2008-11-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001813"
          },
          {
            "date": "2005-07-01T23:31:00",
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "date": "2007-05-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200810-162"
          },
          {
            "date": "2008-10-10T10:30:04.950000",
            "db": "NVD",
            "id": "CVE-2008-3643"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2007-03-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2017-08-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-33768"
          },
          {
            "date": "2008-10-15T16:37:00",
            "db": "BID",
            "id": "31720"
          },
          {
            "date": "2009-03-24T16:56:00",
            "db": "BID",
            "id": "31681"
          },
          {
            "date": "2008-11-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001813"
          },
          {
            "date": "2009-02-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200810-162"
          },
          {
            "date": "2017-08-08T01:32:02.983000",
            "db": "NVD",
            "id": "CVE-2008-3643"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "31720"
          },
          {
            "db": "BID",
            "id": "31681"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple PHP XML-RPC implementations vulnerable to code injection",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-162"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200809-0182

    Vulnerability from variot - Updated: 2024-07-23 21:55

    ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted JPEG image with an embedded ICC profile. Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. The security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues. Viewing very large JPEG graphics can lead to unexpected application termination or arbitrary code execution.


    Bist Du interessiert an einem neuen Job in IT-Sicherheit?

    Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/


    TITLE: Nucleus XML-RPC PHP Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA15895

    VERIFY ADVISORY: http://secunia.com/advisories/15895/

    CRITICAL: Highly critical

    IMPACT: System access

    WHERE:

    From remote

    SOFTWARE: Nucleus 3.x http://secunia.com/product/3699/

    DESCRIPTION: A vulnerability has been reported in Nucleus, which can be exploited by malicious people to compromise a vulnerable system.

    For more information: SA15852

    SOLUTION: Update to version 3.21. http://sourceforge.net/project/showfiles.php?group_id=66479

    OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200809-0182",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.4"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.2"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.1"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.4.11"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.2"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.1"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.4.11"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.3"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.5.4"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.5.3"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "drupal",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pear xml rpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpxmlrpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postnuke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "serendipity",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wordpress",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xoops",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpmyfaq",
            "version": null
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.9 to  v10.4.11"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5 to  v10.5.4"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.9 to  v10.4.11"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5 to  v10.5.4"
          },
          {
            "model": "safari",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "ilife",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.0"
          },
          {
            "model": "aperture",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2"
          },
          {
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "ilife support",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.3.1"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001719"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-214"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3608"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-3608"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Pete Finnigan\u203b pete@peterfinnigan.demon.co.uk\u203bEsteban Martinez FayoJoxean Koret\u203b joxeankoret@yahoo.es\u203bAlexander Kornbrust\u203b ak@red-database-security.com\u203bAmichai Shulman\u203b shulman@imperva.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-214"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-3608",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": true,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.3,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2008-3608",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "VHN-33733",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2008-3608",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#126787",
                "trust": 0.8,
                "value": "1.01"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#442845",
                "trust": 0.8,
                "value": "20.75"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200809-214",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-33733",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33733"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001719"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-214"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3608"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted JPEG image with an embedded ICC profile. Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. \nThe security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues. Viewing very large JPEG graphics can lead to unexpected application termination or arbitrary code execution. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nNucleus XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15895\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15895/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nNucleus 3.x\nhttp://secunia.com/product/3699/\n\nDESCRIPTION:\nA vulnerability has been reported in Nucleus, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 3.21. \nhttp://sourceforge.net/project/showfiles.php?group_id=66479\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-3608"
          },
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001719"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33733"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          }
        ],
        "trust": 3.51
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-3608",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "31189",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "31882",
            "trust": 2.5
          },
          {
            "db": "USCERT",
            "id": "TA08-260A",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1020876",
            "trust": 2.5
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2584",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-3107",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "45168",
            "trust": 1.4
          },
          {
            "db": "CERT/CC",
            "id": "VU#126787",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "32706",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "15895",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "15810",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15922",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15852",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15855",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15861",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15862",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15872",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15883",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15884",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14088",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014327",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA08-260A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001719",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "TA08-260A",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-09-15",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-11-13",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-214",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-33733",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "38388",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33733"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001719"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-214"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3608"
          }
        ]
      },
      "id": "VAR-200809-0182",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33733"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-07-23T21:55:33.188000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HT3137",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3137"
          },
          {
            "title": "HT3298",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3298"
          },
          {
            "title": "HT3276",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3276"
          },
          {
            "title": "HT3137",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3137?viewlocale=ja_jp"
          },
          {
            "title": "TA08-260A",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta08-260a.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001719"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-399",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33733"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001719"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3608"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/31189"
          },
          {
            "trust": 2.5,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-260a.html"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/31882"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce//2008/nov/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://support.apple.com/kb/ht3276"
          },
          {
            "trust": 1.7,
            "url": "http://support.apple.com/kb/ht3298"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id?1020876"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2008/2584"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/45168"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/32706"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2584"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/3107"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45168"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15895/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15852/"
          },
          {
            "trust": 0.8,
            "url": "about vulnerability notes"
          },
          {
            "trust": 0.8,
            "url": "contact us about this vulnerability"
          },
          {
            "trust": 0.8,
            "url": "provide a vendor statement"
          },
          {
            "trust": 0.8,
            "url": "http://www.hardened-php.net/advisory-022005.php"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15861/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15862/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15884/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15883/"
          },
          {
            "trust": 0.8,
            "url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15855/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15810/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15872/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15922/"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14088"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3608"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta08-260a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta08-260a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3608"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/id?1020876"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa08-260a.html"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/3107"
          },
          {
            "trust": 0.3,
            "url": "http://support.apple.com/kb/ht3137"
          },
          {
            "trust": 0.3,
            "url": "http://www.apple.com/macosx/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/126787"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/3699/"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=66479"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_vacancies/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33733"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001719"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-214"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3608"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33733"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001719"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-214"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3608"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-09-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "date": "2005-07-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2008-09-16T00:00:00",
            "db": "VULHUB",
            "id": "VHN-33733"
          },
          {
            "date": "2008-09-15T00:00:00",
            "db": "BID",
            "id": "31189"
          },
          {
            "date": "2008-10-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001719"
          },
          {
            "date": "2005-07-01T23:31:00",
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "date": "2008-09-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-214"
          },
          {
            "date": "2008-09-16T23:00:01.057000",
            "db": "NVD",
            "id": "CVE-2008-3608"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-10-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "date": "2007-03-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2017-08-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-33733"
          },
          {
            "date": "2008-11-13T22:34:00",
            "db": "BID",
            "id": "31189"
          },
          {
            "date": "2008-12-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001719"
          },
          {
            "date": "2008-12-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-214"
          },
          {
            "date": "2017-08-08T01:32:01.920000",
            "db": "NVD",
            "id": "CVE-2008-3608"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-214"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Apple Mac OS X file sharing allows authenticated remote access to files and directories",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-214"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200809-0009

    Vulnerability from variot - Updated: 2024-07-23 21:55

    ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted TIFF image. Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. The security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues.


    Bist Du interessiert an einem neuen Job in IT-Sicherheit?

    Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/


    TITLE: phpPgAds XML-RPC PHP Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA15884

    VERIFY ADVISORY: http://secunia.com/advisories/15884/

    CRITICAL: Highly critical

    IMPACT: System access

    WHERE:

    From remote

    SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/

    DESCRIPTION: A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system.

    For more information: SA15852

    SOLUTION: Update to version 2.0.5. http://sourceforge.net/project/showfiles.php?group_id=36679

    OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200809-0009",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.4"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.2"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.1"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.2"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.1"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.4"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.3"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.3"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.4.11"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.4.11"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "drupal",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pear xml rpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpxmlrpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postnuke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "serendipity",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wordpress",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xoops",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpmyfaq",
            "version": null
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.9 to  v10.4.11"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5 to  v10.5.4"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.9 to  v10.4.11"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5 to  v10.5.4"
          },
          {
            "model": "safari",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "ilife",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.0"
          },
          {
            "model": "aperture",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2"
          },
          {
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "ilife support",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.3.1"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001718"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-212"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2332"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-2332"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Pete Finnigan\u203b pete@peterfinnigan.demon.co.uk\u203bEsteban Martinez FayoJoxean Koret\u203b joxeankoret@yahoo.es\u203bAlexander Kornbrust\u203b ak@red-database-security.com\u203bAmichai Shulman\u203b shulman@imperva.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-212"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-2332",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": true,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.3,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2008-2332",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "VHN-32457",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2008-2332",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#126787",
                "trust": 0.8,
                "value": "1.01"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#442845",
                "trust": 0.8,
                "value": "20.75"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200809-212",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-32457",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32457"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001718"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-212"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2332"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted TIFF image. Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. \nThe security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nphpPgAds XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15884\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15884/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nphpPgAds 2.x\nhttp://secunia.com/product/4577/\n\nDESCRIPTION:\nA vulnerability has been reported in phpPgAds, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 2.0.5. \nhttp://sourceforge.net/project/showfiles.php?group_id=36679\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-2332"
          },
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001718"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32457"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          }
        ],
        "trust": 3.51
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-2332",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "31189",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "31882",
            "trust": 2.5
          },
          {
            "db": "USCERT",
            "id": "TA08-260A",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1020876",
            "trust": 2.5
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2584",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-3107",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "45167",
            "trust": 1.4
          },
          {
            "db": "CERT/CC",
            "id": "VU#126787",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "32706",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "15884",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "15810",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15922",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15852",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15855",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15861",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15862",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15872",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15883",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15895",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14088",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014327",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA08-260A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001718",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "TA08-260A",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-09-15",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-11-13",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-212",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-32457",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "38390",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32457"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001718"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-212"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2332"
          }
        ]
      },
      "id": "VAR-200809-0009",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-32457"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-07-23T21:55:12.610000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HT3137",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3137"
          },
          {
            "title": "HT3276",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3276"
          },
          {
            "title": "HT3298",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3298"
          },
          {
            "title": "HT3137",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3137?viewlocale=ja_jp"
          },
          {
            "title": "TA08-260A",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta08-260a.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001718"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-399",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-32457"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001718"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2332"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/31189"
          },
          {
            "trust": 2.5,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-260a.html"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/31882"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce//2008/nov/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://support.apple.com/kb/ht3276"
          },
          {
            "trust": 1.7,
            "url": "http://support.apple.com/kb/ht3298"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id?1020876"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2008/2584"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/45167"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/32706"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2584"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/3107"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45167"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15884/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15852/"
          },
          {
            "trust": 0.8,
            "url": "about vulnerability notes"
          },
          {
            "trust": 0.8,
            "url": "contact us about this vulnerability"
          },
          {
            "trust": 0.8,
            "url": "provide a vendor statement"
          },
          {
            "trust": 0.8,
            "url": "http://www.hardened-php.net/advisory-022005.php"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15861/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15862/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15895/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15883/"
          },
          {
            "trust": 0.8,
            "url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15855/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15810/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15872/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15922/"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14088"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2332"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta08-260a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta08-260a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2332"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/id?1020876"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa08-260a.html"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/3107"
          },
          {
            "trust": 0.3,
            "url": "http://support.apple.com/kb/ht3137"
          },
          {
            "trust": 0.3,
            "url": "http://www.apple.com/macosx/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/126787"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4577/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_vacancies/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=36679"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32457"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001718"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-212"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2332"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32457"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001718"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-212"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2332"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-09-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "date": "2005-07-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2008-09-16T00:00:00",
            "db": "VULHUB",
            "id": "VHN-32457"
          },
          {
            "date": "2008-09-15T00:00:00",
            "db": "BID",
            "id": "31189"
          },
          {
            "date": "2008-10-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001718"
          },
          {
            "date": "2005-07-01T23:31:00",
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "date": "2008-09-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-212"
          },
          {
            "date": "2008-09-16T23:00:01.040000",
            "db": "NVD",
            "id": "CVE-2008-2332"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-10-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "date": "2007-03-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2017-08-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-32457"
          },
          {
            "date": "2008-11-13T22:34:00",
            "db": "BID",
            "id": "31189"
          },
          {
            "date": "2008-12-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001718"
          },
          {
            "date": "2008-12-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-212"
          },
          {
            "date": "2017-08-08T01:30:57.497000",
            "db": "NVD",
            "id": "CVE-2008-2332"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-212"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Apple Mac OS X file sharing allows authenticated remote access to files and directories",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-212"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200810-0142

    Vulnerability from variot - Updated: 2024-07-23 21:50

    The Postfix configuration file in Mac OS X 10.5.5 causes Postfix to be network-accessible when mail is sent from a local command-line tool, which allows remote attackers to send mail to local Mac OS X users. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Attackers may be able to send email to local users and otherwise make use of the SMTP protocol. This issue affects Mac OS X v10.5. Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-007. The security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. This vulnerability does not cause the system to become an open mail relay.


    Bist Du interessiert an einem neuen Job in IT-Sicherheit?

    Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/


    TITLE: phpPgAds XML-RPC PHP Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA15884

    VERIFY ADVISORY: http://secunia.com/advisories/15884/

    CRITICAL: Highly critical

    IMPACT: System access

    WHERE:

    From remote

    SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/

    DESCRIPTION: A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system.

    For more information: SA15852

    SOLUTION: Update to version 2.0.5. http://sourceforge.net/project/showfiles.php?group_id=36679

    OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200810-0142",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.5"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "drupal",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pear xml rpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpxmlrpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postnuke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "serendipity",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wordpress",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xoops",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpmyfaq",
            "version": null
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "BID",
            "id": "31721"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001816"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-164"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3646"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-3646"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "regenrechtSergio AlvarezRalf Meyer",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-164"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-3646",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": true,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2008-3646",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-33771",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2008-3646",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#442845",
                "trust": 0.8,
                "value": "20.75"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200810-164",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-33771",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33771"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001816"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-164"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3646"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The Postfix configuration file in Mac OS X 10.5.5 causes Postfix to be network-accessible when mail is sent from a local command-line tool, which allows remote attackers to send mail to local Mac OS X users. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. \nAttackers may be able to send email to local users and otherwise make use of the SMTP protocol. \nThis issue affects Mac OS X v10.5. Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-007. \nThe security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. This vulnerability does not cause the system to become an open mail relay. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nphpPgAds XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15884\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15884/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nphpPgAds 2.x\nhttp://secunia.com/product/4577/\n\nDESCRIPTION:\nA vulnerability has been reported in phpPgAds, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 2.0.5. \nhttp://sourceforge.net/project/showfiles.php?group_id=36679\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-3646"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001816"
          },
          {
            "db": "BID",
            "id": "31721"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33771"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          }
        ],
        "trust": 3.06
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-3646",
            "trust": 3.1
          },
          {
            "db": "BID",
            "id": "31721",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "32222",
            "trust": 2.5
          },
          {
            "db": "BID",
            "id": "31681",
            "trust": 2.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2780",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "45876",
            "trust": 1.4
          },
          {
            "db": "SECUNIA",
            "id": "15884",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "15810",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15922",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15852",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15855",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15861",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15862",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15872",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15883",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15895",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14088",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014327",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001816",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-164",
            "trust": 0.7
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-10-09",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-33771",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "38390",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33771"
          },
          {
            "db": "BID",
            "id": "31721"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001816"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-164"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3646"
          }
        ]
      },
      "id": "VAR-200810-0142",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33771"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-07-23T21:50:24.464000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HT3216",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3216"
          },
          {
            "title": "HT3216",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3216?viewlocale=ja_jp"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001816"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-362",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33771"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001816"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3646"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/31721"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/32222"
          },
          {
            "trust": 2.3,
            "url": "http://support.apple.com/kb/ht3216"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2008/oct/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/31681"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2008/2780"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/45876"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2780"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45876"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15884/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15852/"
          },
          {
            "trust": 0.8,
            "url": "http://www.hardened-php.net/advisory-022005.php"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15861/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15862/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15895/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15883/"
          },
          {
            "trust": 0.8,
            "url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15855/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15810/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15872/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15922/"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14088"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3646"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3646"
          },
          {
            "trust": 0.6,
            "url": "http://www.apple.com/macosx/"
          },
          {
            "trust": 0.3,
            "url": "http://software.cisco.com/download/navigator.html?mdfid=283613663"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4577/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_vacancies/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=36679"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33771"
          },
          {
            "db": "BID",
            "id": "31721"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001816"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-164"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3646"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33771"
          },
          {
            "db": "BID",
            "id": "31721"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001816"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-164"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3646"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2005-07-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2008-10-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-33771"
          },
          {
            "date": "2008-10-09T00:00:00",
            "db": "BID",
            "id": "31721"
          },
          {
            "date": "2008-10-09T00:00:00",
            "db": "BID",
            "id": "31681"
          },
          {
            "date": "2008-11-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001816"
          },
          {
            "date": "2005-07-01T23:31:00",
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "date": "2007-05-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200810-164"
          },
          {
            "date": "2008-10-10T10:30:05.043000",
            "db": "NVD",
            "id": "CVE-2008-3646"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2007-03-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2017-08-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-33771"
          },
          {
            "date": "2008-10-15T16:47:00",
            "db": "BID",
            "id": "31721"
          },
          {
            "date": "2009-03-24T16:56:00",
            "db": "BID",
            "id": "31681"
          },
          {
            "date": "2008-11-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001816"
          },
          {
            "date": "2008-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200810-164"
          },
          {
            "date": "2017-08-08T01:32:03.090000",
            "db": "NVD",
            "id": "CVE-2008-3646"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "31721"
          },
          {
            "db": "BID",
            "id": "31681"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple PHP XML-RPC implementations vulnerable to code injection",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "competitive condition",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-164"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200809-0008

    Vulnerability from variot - Updated: 2024-07-23 21:50

    Finder in Apple Mac OS X 10.5 through 10.5.4 does not properly update permission data in the Get Info window after a lock operation that modifies Sharing & Permissions in a filesystem, which might allow local users to leverage weak permissions that were not intended by an administrator. Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. The security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues. After hitting the lock key, changes to filesystem shares and permissions take effect but are not displayed.


    Bist Du interessiert an einem neuen Job in IT-Sicherheit?

    Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/


    TITLE: phpPgAds XML-RPC PHP Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA15884

    VERIFY ADVISORY: http://secunia.com/advisories/15884/

    CRITICAL: Highly critical

    IMPACT: System access

    WHERE:

    From remote

    SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/

    DESCRIPTION: A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system.

    For more information: SA15852

    SOLUTION: Update to version 2.0.5. http://sourceforge.net/project/showfiles.php?group_id=36679

    OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200809-0008",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.4"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.2"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.1"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.2"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.1"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.4"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.3"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.3"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "drupal",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pear xml rpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpxmlrpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postnuke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "serendipity",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wordpress",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xoops",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpmyfaq",
            "version": null
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5 to  v10.5.4"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5 to  v10.5.4"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "ilife",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.0"
          },
          {
            "model": "aperture",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2"
          },
          {
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "ilife support",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.3.1"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001716"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-211"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2331"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-2331"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Pete Finnigan\u203b pete@peterfinnigan.demon.co.uk\u203bEsteban Martinez FayoJoxean Koret\u203b joxeankoret@yahoo.es\u203bAlexander Kornbrust\u203b ak@red-database-security.com\u203bAmichai Shulman\u203b shulman@imperva.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-211"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-2331",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2008-2331",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-32456",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2008-2331",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#126787",
                "trust": 0.8,
                "value": "1.01"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#442845",
                "trust": 0.8,
                "value": "20.75"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200809-211",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-32456",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32456"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001716"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-211"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2331"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Finder in Apple Mac OS X 10.5 through 10.5.4 does not properly update permission data in the Get Info window after a lock operation that modifies Sharing \u0026 Permissions in a filesystem, which might allow local users to leverage weak permissions that were not intended by an administrator. Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. \nThe security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues. After hitting the lock key, changes to filesystem shares and permissions take effect but are not displayed. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nphpPgAds XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15884\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15884/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nphpPgAds 2.x\nhttp://secunia.com/product/4577/\n\nDESCRIPTION:\nA vulnerability has been reported in phpPgAds, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 2.0.5. \nhttp://sourceforge.net/project/showfiles.php?group_id=36679\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-2331"
          },
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001716"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32456"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          }
        ],
        "trust": 3.51
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-2331",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "31189",
            "trust": 2.8
          },
          {
            "db": "SECTRACK",
            "id": "1020875",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "31882",
            "trust": 2.5
          },
          {
            "db": "USCERT",
            "id": "TA08-260A",
            "trust": 2.5
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2584",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "45165",
            "trust": 1.4
          },
          {
            "db": "CERT/CC",
            "id": "VU#126787",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "15884",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "15810",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15922",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15852",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15855",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15861",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15862",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15872",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15883",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15895",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14088",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014327",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA08-260A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001716",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "TA08-260A",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-09-15",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-211",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-32456",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "38390",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32456"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001716"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-211"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2331"
          }
        ]
      },
      "id": "VAR-200809-0008",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-32456"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-07-23T21:50:10.607000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Update 2008-006",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3137"
          },
          {
            "title": "Security Update 2008-006",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3137?viewlocale=ja_jp"
          },
          {
            "title": "TA08-260A",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta08-260a.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001716"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-264",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-32456"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001716"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2331"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/31189"
          },
          {
            "trust": 2.5,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-260a.html"
          },
          {
            "trust": 2.5,
            "url": "http://securitytracker.com/id?1020875"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/31882"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2008/2584"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/45165"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2584"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45165"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15884/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15852/"
          },
          {
            "trust": 0.8,
            "url": "about vulnerability notes"
          },
          {
            "trust": 0.8,
            "url": "contact us about this vulnerability"
          },
          {
            "trust": 0.8,
            "url": "provide a vendor statement"
          },
          {
            "trust": 0.8,
            "url": "http://www.hardened-php.net/advisory-022005.php"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15861/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15862/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15895/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15883/"
          },
          {
            "trust": 0.8,
            "url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15855/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15810/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15872/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15922/"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14088"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2331"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta08-260a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta08-260a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2331"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa08-260a.html"
          },
          {
            "trust": 0.3,
            "url": "http://support.apple.com/kb/ht3137"
          },
          {
            "trust": 0.3,
            "url": "http://www.apple.com/macosx/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/126787"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4577/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_vacancies/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=36679"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32456"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001716"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-211"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2331"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32456"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001716"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-211"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2331"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-09-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "date": "2005-07-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2008-09-16T00:00:00",
            "db": "VULHUB",
            "id": "VHN-32456"
          },
          {
            "date": "2008-09-15T00:00:00",
            "db": "BID",
            "id": "31189"
          },
          {
            "date": "2008-10-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001716"
          },
          {
            "date": "2005-07-01T23:31:00",
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "date": "2008-09-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-211"
          },
          {
            "date": "2008-09-16T23:00:01.007000",
            "db": "NVD",
            "id": "CVE-2008-2331"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-10-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "date": "2007-03-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2017-08-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-32456"
          },
          {
            "date": "2008-11-13T22:34:00",
            "db": "BID",
            "id": "31189"
          },
          {
            "date": "2008-10-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001716"
          },
          {
            "date": "2008-11-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-211"
          },
          {
            "date": "2017-08-08T01:30:57.433000",
            "db": "NVD",
            "id": "CVE-2008-2331"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-211"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Apple Mac OS X file sharing allows authenticated remote access to files and directories",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "permissions and access control",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-211"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200804-0039

    Vulnerability from variot - Updated: 2024-07-23 21:45

    Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to execute arbitrary code via a regular expression with large, nested repetition counts, which triggers a heap-based buffer overflow. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.The specific flaw exists in the regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in WebKit. Apple Safari is prone to a buffer-overflow vulnerability. Other attacks are also possible. This issue affects versions prior to Apple Safari 3.1.1 running on the following platforms: Mac OS X v10.4.11 Mac OS X Server v10.4.11 Mac OS X v10.5.2 Mac OS X Server v10.5.2 Windows XP Windows Vista. Safari is the WEB browser bundled with the Apple family operating system by default.


    Bist Du interessiert an einem neuen Job in IT-Sicherheit?

    Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/


    TITLE: phpPgAds XML-RPC PHP Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA15884

    VERIFY ADVISORY: http://secunia.com/advisories/15884/

    CRITICAL: Highly critical

    IMPACT: System access

    WHERE:

    From remote

    SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/

    DESCRIPTION: A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system.

    For more information: SA15852

    SOLUTION: Update to version 2.0.5. http://sourceforge.net/project/showfiles.php?group_id=36679

    OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    . ZDI-08-022: Apple Safari WebKit PCRE Handling Integer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-022 April 16, 2008

    -- CVE ID: CVE-2008-1026

    -- Affected Vendors: Apple

    -- Affected Products: Apple Safari

    -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6031.

    -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at:

    http://support.apple.com/kb/HT1467

    -- Disclosure Timeline: 2008-03-27 - Vulnerability reported to vendor 2008-04-16 - Coordinated public release of advisory

    -- Credit: This vulnerability was discovered by: * Charlie Miller, Jake Honoroff and Mark Daniel

    -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.

    Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:

    http://www.zerodayinitiative.com
    

    The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.

    Our vulnerability disclosure policy is available online at:

    http://www.zerodayinitiative.com/advisories/disclosure_policy/
    

    CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is being sent by 3Com for the sole use of the intended recipient(s) and may contain confidential, proprietary and/or privileged information. Any unauthorized review, use, disclosure and/or distribution by any recipient is prohibited. If you are not the intended recipient, please delete and/or destroy all copies of this message regardless of form and any included attachments and notify 3Com immediately by contacting the sender via reply e-mail or forwarding to 3Com at postmaster@3com.com.


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200804-0039",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "safari",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "drupal",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pear xml rpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpxmlrpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postnuke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "serendipity",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wordpress",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xoops",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpmyfaq",
            "version": null
          },
          {
            "model": "safari",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "version"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "model": "safari",
            "scope": null,
            "trust": 0.7,
            "vendor": "apple",
            "version": null
          },
          {
            "model": "windows vista",
            "scope": null,
            "trust": 0.6,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": "windows xp",
            "scope": null,
            "trust": 0.6,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.4"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.4"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.3.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.2.3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.2.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.2.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.4"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.3"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.2"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.1"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.4"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.3"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.2"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0.2"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "safari",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "model": "ipod touch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "model": "iphone",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "ZDI",
            "id": "ZDI-08-022"
          },
          {
            "db": "BID",
            "id": "28815"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001322"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200804-274"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1026"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:a:apple:safari:3.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-1026"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Charlie Miller, Jake Honoroff and Mark Daniel",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-08-022"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2008-1026",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": true,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2008-1026",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-31151",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2008-1026",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#442845",
                "trust": 0.8,
                "value": "20.75"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200804-274",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-31151",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31151"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001322"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200804-274"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1026"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to execute arbitrary code via a regular expression with large, nested repetition counts, which triggers a heap-based buffer overflow. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.The specific flaw exists in the regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in WebKit. Apple Safari is prone to a buffer-overflow vulnerability. Other attacks are also possible. \nThis issue affects versions prior to Apple Safari 3.1.1 running on the following platforms:\nMac OS X v10.4.11\nMac OS X Server v10.4.11\nMac OS X v10.5.2\nMac OS X Server v10.5.2\nWindows XP\nWindows Vista. Safari is the WEB browser bundled with the Apple family operating system by default. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nphpPgAds XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15884\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15884/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nphpPgAds 2.x\nhttp://secunia.com/product/4577/\n\nDESCRIPTION:\nA vulnerability has been reported in phpPgAds, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 2.0.5. \nhttp://sourceforge.net/project/showfiles.php?group_id=36679\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. ZDI-08-022: Apple Safari WebKit PCRE Handling Integer Overflow \nVulnerability\nhttp://www.zerodayinitiative.com/advisories/ZDI-08-022\nApril 16, 2008\n\n-- CVE ID:\nCVE-2008-1026\n\n-- Affected Vendors:\nApple\n\n-- Affected Products:\nApple Safari\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 6031. \n\n-- Vendor Response:\nApple has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://support.apple.com/kb/HT1467\n\n-- Disclosure Timeline:\n2008-03-27 - Vulnerability reported to vendor\n2008-04-16 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n    * Charlie Miller, Jake Honoroff and Mark Daniel\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n    http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n    http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nCONFIDENTIALITY NOTICE: This e-mail message, including any attachments,\nis being sent by 3Com for the sole use of the intended recipient(s) and\nmay contain confidential, proprietary and/or privileged information. \nAny unauthorized review, use, disclosure and/or distribution by any \nrecipient is prohibited.  If you are not the intended recipient, please\ndelete and/or destroy all copies of this message regardless of form and\nany included attachments and notify 3Com immediately by contacting the\nsender via reply e-mail or forwarding to 3Com at postmaster@3com.com. \n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-1026"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001322"
          },
          {
            "db": "ZDI",
            "id": "ZDI-08-022"
          },
          {
            "db": "BID",
            "id": "28815"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31151"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "PACKETSTORM",
            "id": "65589"
          }
        ],
        "trust": 3.51
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-31151",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31151"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-1026",
            "trust": 3.6
          },
          {
            "db": "ZDI",
            "id": "ZDI-08-022",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "28815",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "29846",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1019870",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "31074",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2094",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1250",
            "trust": 1.7
          },
          {
            "db": "SREASON",
            "id": "3815",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "41859",
            "trust": 1.4
          },
          {
            "db": "SECUNIA",
            "id": "15884",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "15810",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15922",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15852",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15855",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15861",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15862",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15872",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15883",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15895",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14088",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014327",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001322",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-303",
            "trust": 0.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200804-274",
            "trust": 0.7
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-07-11",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-04-16",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20080416 ZDI-08-022: APPLE SAFARI WEBKIT PCRE HANDLING INTEGER OVERFLOW VULNERABILITY",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "65589",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-31151",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "38390",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "ZDI",
            "id": "ZDI-08-022"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31151"
          },
          {
            "db": "BID",
            "id": "28815"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001322"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "PACKETSTORM",
            "id": "65589"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200804-274"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1026"
          }
        ]
      },
      "id": "VAR-200804-0039",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31151"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-07-23T21:45:07.043000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Safari 3.1.1",
            "trust": 1.5,
            "url": "http://support.apple.com/kb/ht1467"
          },
          {
            "title": "iPhone v2.0 and iPod touch v2.0",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht2351"
          },
          {
            "title": "Safari 3.1.1",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht1467?viewlocale=ja_jp"
          },
          {
            "title": "iPhone v2.0 and iPod touch v2.0",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht2351?viewlocale=ja_jp\u0026locale=ja_jp"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-08-022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001322"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31151"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001322"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1026"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.8,
            "url": "http://support.apple.com/kb/ht1467"
          },
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/28815"
          },
          {
            "trust": 2.5,
            "url": "http://www.securitytracker.com/id?1019870"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/29846"
          },
          {
            "trust": 1.8,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-08-022"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2008/apr/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2008//jul/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/31074"
          },
          {
            "trust": 1.7,
            "url": "http://securityreason.com/securityalert/3815"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2008/1250/references"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/41859"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/490990/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1250/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2094/references"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41859"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15884/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15852/"
          },
          {
            "trust": 0.8,
            "url": "http://www.hardened-php.net/advisory-022005.php"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15861/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15862/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15895/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15883/"
          },
          {
            "trust": 0.8,
            "url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15855/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15810/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15872/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15922/"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14088"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1026"
          },
          {
            "trust": 0.8,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1026"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/490990/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/2094/references"
          },
          {
            "trust": 0.3,
            "url": "http://www.apple.com/safari/"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/490990"
          },
          {
            "trust": 0.3,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-08-022/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4577/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_vacancies/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=36679"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://www.tippingpoint.com"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1026"
          },
          {
            "trust": 0.1,
            "url": "http://www.zerodayinitiative.com"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "ZDI",
            "id": "ZDI-08-022"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31151"
          },
          {
            "db": "BID",
            "id": "28815"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001322"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "PACKETSTORM",
            "id": "65589"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200804-274"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1026"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "ZDI",
            "id": "ZDI-08-022"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31151"
          },
          {
            "db": "BID",
            "id": "28815"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001322"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "PACKETSTORM",
            "id": "65589"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200804-274"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1026"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2005-07-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2008-04-16T00:00:00",
            "db": "ZDI",
            "id": "ZDI-08-022"
          },
          {
            "date": "2008-04-17T00:00:00",
            "db": "VULHUB",
            "id": "VHN-31151"
          },
          {
            "date": "2008-04-16T00:00:00",
            "db": "BID",
            "id": "28815"
          },
          {
            "date": "2008-05-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001322"
          },
          {
            "date": "2005-07-01T23:31:00",
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "date": "2008-04-16T22:08:34",
            "db": "PACKETSTORM",
            "id": "65589"
          },
          {
            "date": "2008-04-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200804-274"
          },
          {
            "date": "2008-04-17T19:05:00",
            "db": "NVD",
            "id": "CVE-2008-1026"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2007-03-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2008-04-16T00:00:00",
            "db": "ZDI",
            "id": "ZDI-08-022"
          },
          {
            "date": "2018-10-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-31151"
          },
          {
            "date": "2008-07-11T19:49:00",
            "db": "BID",
            "id": "28815"
          },
          {
            "date": "2008-07-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001322"
          },
          {
            "date": "2021-07-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200804-274"
          },
          {
            "date": "2018-10-11T20:29:06.897000",
            "db": "NVD",
            "id": "CVE-2008-1026"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "65589"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200804-274"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple PHP XML-RPC implementations vulnerable to code injection",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200804-274"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200809-0187

    Vulnerability from variot - Updated: 2024-07-23 21:44

    Finder in Apple Mac OS X 10.5.2 through 10.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving a search for a remote disk on the local network. Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. The security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues. An attacker with access to the local network can cause the Finder to quit immediately after launching.


    Bist Du interessiert an einem neuen Job in IT-Sicherheit?

    Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/


    TITLE: Nucleus XML-RPC PHP Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA15895

    VERIFY ADVISORY: http://secunia.com/advisories/15895/

    CRITICAL: Highly critical

    IMPACT: System access

    WHERE:

    From remote

    SOFTWARE: Nucleus 3.x http://secunia.com/product/3699/

    DESCRIPTION: A vulnerability has been reported in Nucleus, which can be exploited by malicious people to compromise a vulnerable system.

    For more information: SA15852

    SOLUTION: Update to version 3.21. http://sourceforge.net/project/showfiles.php?group_id=66479

    OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200809-0187",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.3"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.4"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.2"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "drupal",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pear xml rpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpxmlrpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postnuke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "serendipity",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wordpress",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xoops",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpmyfaq",
            "version": null
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5 to  v10.5.4"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5 to  v10.5.4"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "ilife",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.0"
          },
          {
            "model": "aperture",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2"
          },
          {
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "ilife support",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.3.1"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-218"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3613"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:apple:macbook_air:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-3613"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Pete Finnigan\u203b pete@peterfinnigan.demon.co.uk\u203bEsteban Martinez FayoJoxean Koret\u203b joxeankoret@yahoo.es\u203bAlexander Kornbrust\u203b ak@red-database-security.com\u203bAmichai Shulman\u203b shulman@imperva.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-218"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-3613",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "IPA",
                "availabilityImpact": "Complete",
                "baseScore": 6.1,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2008-001717",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "VHN-33738",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2008-3613",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#126787",
                "trust": 0.8,
                "value": "1.01"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#442845",
                "trust": 0.8,
                "value": "20.75"
              },
              {
                "author": "IPA",
                "id": "JVNDB-2008-001717",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200809-218",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-33738",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33738"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-218"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3613"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Finder in Apple Mac OS X 10.5.2 through 10.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving a search for a remote disk on the local network. Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. \nThe security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues. An attacker with access to the local network can cause the Finder to quit immediately after launching. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nNucleus XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15895\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15895/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nNucleus 3.x\nhttp://secunia.com/product/3699/\n\nDESCRIPTION:\nA vulnerability has been reported in Nucleus, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 3.21. \nhttp://sourceforge.net/project/showfiles.php?group_id=66479\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-3613"
          },
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001717"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33738"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          }
        ],
        "trust": 3.51
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "31189",
            "trust": 2.8
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3613",
            "trust": 2.8
          },
          {
            "db": "SECTRACK",
            "id": "1020875",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "31882",
            "trust": 2.5
          },
          {
            "db": "USCERT",
            "id": "TA08-260A",
            "trust": 2.5
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2584",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "45166",
            "trust": 1.4
          },
          {
            "db": "CERT/CC",
            "id": "VU#126787",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "15895",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "15810",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15922",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15852",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15855",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15861",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15862",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15872",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15883",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15884",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14088",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014327",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA08-260A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001717",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "TA08-260A",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-09-15",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-218",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-33738",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "38388",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33738"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001717"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-218"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3613"
          }
        ]
      },
      "id": "VAR-200809-0187",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33738"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-07-23T21:44:13.542000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Update 2008-006",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3137"
          },
          {
            "title": "Security Update 2008-006",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3137?viewlocale=ja_jp"
          },
          {
            "title": "TA08-260A",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta08-260a.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001717"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-399",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33738"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001717"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3613"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/31189"
          },
          {
            "trust": 2.5,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-260a.html"
          },
          {
            "trust": 2.5,
            "url": "http://securitytracker.com/id?1020875"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/31882"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2008/2584"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/45166"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2584"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45166"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15895/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15852/"
          },
          {
            "trust": 0.8,
            "url": "about vulnerability notes"
          },
          {
            "trust": 0.8,
            "url": "contact us about this vulnerability"
          },
          {
            "trust": 0.8,
            "url": "provide a vendor statement"
          },
          {
            "trust": 0.8,
            "url": "http://www.hardened-php.net/advisory-022005.php"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15861/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15862/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15884/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15883/"
          },
          {
            "trust": 0.8,
            "url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15855/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15810/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15872/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15922/"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14088"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3613"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta08-260a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta08-260a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3613"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa08-260a.html"
          },
          {
            "trust": 0.3,
            "url": "http://support.apple.com/kb/ht3137"
          },
          {
            "trust": 0.3,
            "url": "http://www.apple.com/macosx/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/126787"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/3699/"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=66479"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_vacancies/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33738"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001717"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-218"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3613"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33738"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001717"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-218"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3613"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-09-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "date": "2005-07-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2008-09-16T00:00:00",
            "db": "VULHUB",
            "id": "VHN-33738"
          },
          {
            "date": "2008-09-15T00:00:00",
            "db": "BID",
            "id": "31189"
          },
          {
            "date": "2008-10-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001717"
          },
          {
            "date": "2005-07-01T23:31:00",
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "date": "2008-09-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-218"
          },
          {
            "date": "2008-09-16T23:00:01.163000",
            "db": "NVD",
            "id": "CVE-2008-3613"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-10-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "date": "2007-03-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2017-08-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-33738"
          },
          {
            "date": "2008-11-13T22:34:00",
            "db": "BID",
            "id": "31189"
          },
          {
            "date": "2008-10-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001717"
          },
          {
            "date": "2008-11-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-218"
          },
          {
            "date": "2017-08-08T01:32:02.153000",
            "db": "NVD",
            "id": "CVE-2008-3613"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "specific network environment",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-218"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Apple Mac OS X file sharing allows authenticated remote access to files and directories",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-218"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201304-0300

    Vulnerability from variot - Updated: 2024-07-23 21:35

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform "dynamic class downloading" and execute arbitrary code. Oracle Java SE is prone to a remote code execution vulnerability in Java Runtime Environment. An attacker can exploit this issue to execute arbitrary code in the context of the current user. This vulnerability affects the following supported versions: 7 Update 17 , 6 Update 43 , 5.0 Update 41. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201406-32


                                            http://security.gentoo.org/
    

    Severity: High Title: IcedTea JDK: Multiple vulnerabilities Date: June 29, 2014 Bugs: #312297, #330205, #340819, #346799, #352035, #353418, #354231, #355127, #370787, #387637, #404095, #421031, #429522, #433389, #438750, #442478, #457206, #458410, #461714, #466822, #477210, #489570, #508270 ID: 201406-32


    Synopsis

    Multiple vulnerabilities have been found in the IcedTea JDK, the worst of which could lead to arbitrary code execution.

    Background

    IcedTea is a distribution of the Java OpenJDK source code built with free build tools.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 dev-java/icedtea-bin < 6.1.13.3 >= 6.1.13.3

    Description

    Multiple vulnerabilities have been discovered in the IcedTea JDK. Please review the CVE identifiers referenced below for details.

    Impact

    A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, bypass intended security policies, or have other unspecified impact.

    Workaround

    There is no known workaround at this time.

    Resolution

    All IcedTea JDK users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/icedtea-bin-6.1.13.3"

    References

    [ 1 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 2 ] CVE-2010-2548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548 [ 3 ] CVE-2010-2783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783 [ 4 ] CVE-2010-3541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541 [ 5 ] CVE-2010-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548 [ 6 ] CVE-2010-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549 [ 7 ] CVE-2010-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551 [ 8 ] CVE-2010-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553 [ 9 ] CVE-2010-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554 [ 10 ] CVE-2010-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557 [ 11 ] CVE-2010-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561 [ 12 ] CVE-2010-3562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562 [ 13 ] CVE-2010-3564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564 [ 14 ] CVE-2010-3565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565 [ 15 ] CVE-2010-3566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566 [ 16 ] CVE-2010-3567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567 [ 17 ] CVE-2010-3568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568 [ 18 ] CVE-2010-3569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569 [ 19 ] CVE-2010-3573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573 [ 20 ] CVE-2010-3574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574 [ 21 ] CVE-2010-3860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860 [ 22 ] CVE-2010-4351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351 [ 23 ] CVE-2010-4448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448 [ 24 ] CVE-2010-4450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450 [ 25 ] CVE-2010-4465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465 [ 26 ] CVE-2010-4467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467 [ 27 ] CVE-2010-4469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469 [ 28 ] CVE-2010-4470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470 [ 29 ] CVE-2010-4471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471 [ 30 ] CVE-2010-4472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472 [ 31 ] CVE-2010-4476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476 [ 32 ] CVE-2011-0025 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025 [ 33 ] CVE-2011-0706 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706 [ 34 ] CVE-2011-0815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815 [ 35 ] CVE-2011-0822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822 [ 36 ] CVE-2011-0862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862 [ 37 ] CVE-2011-0864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864 [ 38 ] CVE-2011-0865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865 [ 39 ] CVE-2011-0868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868 [ 40 ] CVE-2011-0869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869 [ 41 ] CVE-2011-0870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870 [ 42 ] CVE-2011-0871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871 [ 43 ] CVE-2011-0872 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872 [ 44 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 45 ] CVE-2011-3521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521 [ 46 ] CVE-2011-3544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544 [ 47 ] CVE-2011-3547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547 [ 48 ] CVE-2011-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548 [ 49 ] CVE-2011-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551 [ 50 ] CVE-2011-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552 [ 51 ] CVE-2011-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553 [ 52 ] CVE-2011-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554 [ 53 ] CVE-2011-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556 [ 54 ] CVE-2011-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557 [ 55 ] CVE-2011-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558 [ 56 ] CVE-2011-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560 [ 57 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 58 ] CVE-2011-3571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571 [ 59 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 60 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 61 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 62 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 63 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 64 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 65 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 66 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 67 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 68 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 69 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 70 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 71 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 72 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 73 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 74 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 75 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 76 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 77 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 78 ] CVE-2012-3422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422 [ 79 ] CVE-2012-3423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423 [ 80 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 81 ] CVE-2012-4540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540 [ 82 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 83 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 84 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 85 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 86 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 87 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 88 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 89 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 90 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 91 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 92 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 93 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 94 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 95 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 96 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 97 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 98 ] CVE-2012-5979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979 [ 99 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 100 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 101 ] CVE-2013-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424 [ 102 ] CVE-2013-0425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425 [ 103 ] CVE-2013-0426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426 [ 104 ] CVE-2013-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427 [ 105 ] CVE-2013-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428 [ 106 ] CVE-2013-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429 [ 107 ] CVE-2013-0431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431 [ 108 ] CVE-2013-0432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432 [ 109 ] CVE-2013-0433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433 [ 110 ] CVE-2013-0434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434 [ 111 ] CVE-2013-0435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435 [ 112 ] CVE-2013-0440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440 [ 113 ] CVE-2013-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441 [ 114 ] CVE-2013-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442 [ 115 ] CVE-2013-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443 [ 116 ] CVE-2013-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444 [ 117 ] CVE-2013-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450 [ 118 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 119 ] CVE-2013-1475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475 [ 120 ] CVE-2013-1476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476 [ 121 ] CVE-2013-1478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478 [ 122 ] CVE-2013-1480 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480 [ 123 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 124 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 125 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 126 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 127 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 128 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 129 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 130 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 131 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 132 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 133 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 134 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 135 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 136 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 137 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 138 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 139 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 140 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 141 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 142 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 143 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 144 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 145 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 146 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 147 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 148 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 149 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 150 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 151 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 152 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 153 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 154 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 155 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 156 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 157 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 158 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 159 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 160 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 161 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 162 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 163 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 164 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 165 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 166 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 167 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 168 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 169 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 170 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 171 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 172 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 173 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 174 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 175 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 176 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 177 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 178 ] CVE-2013-4002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002 [ 179 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 180 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 181 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 182 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 183 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 184 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 185 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 186 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 187 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 188 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 189 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 190 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 191 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 192 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 193 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 194 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 195 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 196 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 197 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 198 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 199 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 200 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 201 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 202 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 203 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 204 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 205 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 206 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 207 ] CVE-2013-6629 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629 [ 208 ] CVE-2013-6954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954 [ 209 ] CVE-2014-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429 [ 210 ] CVE-2014-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446 [ 211 ] CVE-2014-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451 [ 212 ] CVE-2014-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452 [ 213 ] CVE-2014-0453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453 [ 214 ] CVE-2014-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456 [ 215 ] CVE-2014-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457 [ 216 ] CVE-2014-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458 [ 217 ] CVE-2014-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459 [ 218 ] CVE-2014-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460 [ 219 ] CVE-2014-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461 [ 220 ] CVE-2014-1876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876 [ 221 ] CVE-2014-2397 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397 [ 222 ] CVE-2014-2398 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398 [ 223 ] CVE-2014-2403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403 [ 224 ] CVE-2014-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412 [ 225 ] CVE-2014-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414 [ 226 ] CVE-2014-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421 [ 227 ] CVE-2014-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423 [ 228 ] CVE-2014-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201406-32.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: java-1.6.0-ibm security update Advisory ID: RHSA-2013:0823-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0823.html Issue date: 2013-05-14 CVE Names: CVE-2013-0169 CVE-2013-0401 CVE-2013-1491 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1563 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2417 CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 CVE-2013-2422 CVE-2013-2424 CVE-2013-2429 CVE-2013-2430 CVE-2013-2432 CVE-2013-2433 CVE-2013-2435 CVE-2013-2440 =====================================================================

    1. Summary:

    Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

    The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

    1. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2013-0169, CVE-2013-0401, CVE-2013-1491, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1563, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2424, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2433, CVE-2013-2435, CVE-2013-2440)

    All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 6 SR13-FP2 release. All running instances of IBM Java must be restarted for the update to take effect.

    1. Solution:

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

    1. Bugs fixed (http://bugzilla.redhat.com/):

    907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13) 920245 - CVE-2013-0401 OpenJDK: sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader (CanSecWest 2013, AWT, 8009305) 920248 - CVE-2013-1491 Oracle JDK: unspecified sanbox bypass (CanSecWest 2013, 2D) 952387 - CVE-2013-1537 OpenJDK: remote code loading enabled by default (RMI, 8001040) 952509 - CVE-2013-2424 OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435) 952521 - CVE-2013-2429 OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918) 952524 - CVE-2013-2430 OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667) 952638 - CVE-2013-2420 OpenJDK: image processing vulnerability (2D, 8007617) 952642 - CVE-2013-2422 OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857) 952648 - CVE-2013-1557 OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329) 952656 - CVE-2013-2419 ICU: Layout Engine font processing errors (JDK 2D, 8001031) 952657 - CVE-2013-2417 OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724) 952708 - CVE-2013-2383 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004986) 952709 - CVE-2013-2384 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004987) 952711 - CVE-2013-1569 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004994) 953166 - CVE-2013-1540 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment) 953172 - CVE-2013-1563 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install) 953265 - CVE-2013-2394 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D) 953267 - CVE-2013-2418 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment) 953269 - CVE-2013-2432 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D) 953270 - CVE-2013-2433 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment) 953273 - CVE-2013-2435 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment) 953275 - CVE-2013-2440 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)

    1. Package List:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5):

    i386: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.i386.rpm

    x86_64: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 5):

    i386: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.i386.rpm

    ppc: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm java-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm

    s390x: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.s390.rpm java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm java-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.s390.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.s390.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.s390.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.s390.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm

    x86_64: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.i386.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 6):

    i386: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.i686.rpm

    x86_64: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm

    Red Hat Enterprise Linux HPC Node Supplementary (v. 6):

    x86_64: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 6):

    i386: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.i686.rpm

    ppc64: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.ppc.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm

    s390x: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.s390.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm

    x86_64: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm

    Red Hat Enterprise Linux Workstation Supplementary (v. 6):

    i386: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.i686.rpm

    x86_64: java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2013-0169.html https://www.redhat.com/security/data/cve/CVE-2013-0401.html https://www.redhat.com/security/data/cve/CVE-2013-1491.html https://www.redhat.com/security/data/cve/CVE-2013-1537.html https://www.redhat.com/security/data/cve/CVE-2013-1540.html https://www.redhat.com/security/data/cve/CVE-2013-1557.html https://www.redhat.com/security/data/cve/CVE-2013-1563.html https://www.redhat.com/security/data/cve/CVE-2013-1569.html https://www.redhat.com/security/data/cve/CVE-2013-2383.html https://www.redhat.com/security/data/cve/CVE-2013-2384.html https://www.redhat.com/security/data/cve/CVE-2013-2394.html https://www.redhat.com/security/data/cve/CVE-2013-2417.html https://www.redhat.com/security/data/cve/CVE-2013-2418.html https://www.redhat.com/security/data/cve/CVE-2013-2419.html https://www.redhat.com/security/data/cve/CVE-2013-2420.html https://www.redhat.com/security/data/cve/CVE-2013-2422.html https://www.redhat.com/security/data/cve/CVE-2013-2424.html https://www.redhat.com/security/data/cve/CVE-2013-2429.html https://www.redhat.com/security/data/cve/CVE-2013-2430.html https://www.redhat.com/security/data/cve/CVE-2013-2432.html https://www.redhat.com/security/data/cve/CVE-2013-2433.html https://www.redhat.com/security/data/cve/CVE-2013-2435.html https://www.redhat.com/security/data/cve/CVE-2013-2440.html https://access.redhat.com/security/updates/classification/#critical https://www.ibm.com/developerworks/java/jdk/alerts/

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFRkpsAXlSAg2UNWIIRArHgAJ99lN3GBaglvj3QTq7laft1RtttvQCgglIn I8ZMWd5AhLgB1TqY/4MQYM0= =wmpI -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Ubuntu Security Notice USN-1819-1 May 07, 2013

    openjdk-6 vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 12.04 LTS
    • Ubuntu 11.10
    • Ubuntu 10.04 LTS

    Summary:

    Several security issues were fixed in OpenJDK 6.

    Software Description: - openjdk-6: Open Source Java implementation

    Details:

    Ben Murphy discovered a vulnerability in the OpenJDK JRE related to information disclosure and data integrity. (CVE-2013-0401)

    James Forshaw discovered a vulnerability in the OpenJDK JRE related to information disclosure, data integrity and availability. (CVE-2013-1488)

    Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2013-1518, CVE-2013-1537, CVE-2013-1557, CVE-2013-1558, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2426, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2436)

    Two vulnerabilities were discovered in the OpenJDK JRE related to confidentiality. An attacker could exploit these to expose sensitive data over the network. (CVE-2013-2415, CVE-2013-2424)

    Two vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial of service. (CVE-2013-2417, CVE-2013-2419)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 12.04 LTS: icedtea-6-jre-cacao 6b27-1.12.5-0ubuntu0.12.04.1 icedtea-6-jre-jamvm 6b27-1.12.5-0ubuntu0.12.04.1 openjdk-6-jre 6b27-1.12.5-0ubuntu0.12.04.1 openjdk-6-jre-headless 6b27-1.12.5-0ubuntu0.12.04.1 openjdk-6-jre-lib 6b27-1.12.5-0ubuntu0.12.04.1 openjdk-6-jre-zero 6b27-1.12.5-0ubuntu0.12.04.1

    Ubuntu 11.10: icedtea-6-jre-cacao 6b27-1.12.5-0ubuntu0.11.10.1 icedtea-6-jre-jamvm 6b27-1.12.5-0ubuntu0.11.10.1 openjdk-6-jre 6b27-1.12.5-0ubuntu0.11.10.1 openjdk-6-jre-headless 6b27-1.12.5-0ubuntu0.11.10.1 openjdk-6-jre-lib 6b27-1.12.5-0ubuntu0.11.10.1 openjdk-6-jre-zero 6b27-1.12.5-0ubuntu0.11.10.1

    Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b27-1.12.5-0ubuntu0.10.04.1 openjdk-6-jre 6b27-1.12.5-0ubuntu0.10.04.1 openjdk-6-jre-headless 6b27-1.12.5-0ubuntu0.10.04.1 openjdk-6-jre-lib 6b27-1.12.5-0ubuntu0.10.04.1 openjdk-6-jre-zero 6b27-1.12.5-0ubuntu0.10.04.1

    This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384).

    Multiple improper permission check issues were discovered in the Beans, Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2013-2422, CVE-2013-1518, CVE-2013-1557).

    The previous default value of the java.rmi.server.useCodebaseOnly property permitted the RMI implementation to automatically load classes from remotely specified locations. Note: The fix for CVE-2013-1537 changes the default value of the property to true, restricting class loading to the local CLASSPATH and locations specified in the java.rmi.server.codebase property.

    The 2D component did not properly process certain images. An untrusted Java application or applet could possibly use this flaw to trigger Java Virtual Machine memory corruption (CVE-2013-2420).

    It was discovered that the Hotspot component did not properly handle certain intrinsic frames, and did not correctly perform access checks and MethodHandle lookups. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2013-2431, CVE-2013-2421).

    It was discovered that JPEGImageReader and JPEGImageWriter in the ImageIO component did not protect against modification of their state while performing certain native code operations. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption (CVE-2013-2429, CVE-2013-2430).

    The JDBC driver manager could incorrectly call the toString() method in JDBC drivers, and the ConcurrentHashMap class could incorrectly call the defaultReadObject() method. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions (CVE-2013-1488, CVE-2013-2426).

    The sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions (CVE-2013-0401).

    Flaws were discovered in the Network component's InetAddress serialization, and the 2D component's font handling. An untrusted Java application or applet could possibly use these flaws to crash the Java Virtual Machine (CVE-2013-2417, CVE-2013-2419).

    The MBeanInstantiator class implementation in the OpenJDK JMX component did not properly check class access before creating new instances. An untrusted Java application or applet could use this flaw to create instances of non-public classes (CVE-2013-2424).

    It was discovered that JAX-WS could possibly create temporary files with insecure permissions. A local attacker could use this flaw to access temporary files created by an application using JAX-WS (CVE-2013-2415).

    The updated packages provides icedtea6-1.11.10 which is not vulnerable to these issues.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0401 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1488 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1518 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1537 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2417 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2424 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2426 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2429 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2430 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2431 http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124 https://bugzilla.redhat.com/show_bug.cgi?id=952387


    Updated Packages:

    Mandriva Enterprise Server 5: 28320f10570a50ac08575480ee249aed mes5/i586/java-1.6.0-openjdk-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm 5a6bf000d48cb35a304f9ec7d4f83d6c mes5/i586/java-1.6.0-openjdk-demo-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm 966a2d2681441d30ec9d86f3d93c5a32 mes5/i586/java-1.6.0-openjdk-devel-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm 280aee290b6d68ab5e994f8a25a50ad9 mes5/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm 6893259a988e94df07274bf728cc7675 mes5/i586/java-1.6.0-openjdk-src-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm f3d20af548c84815b6c1636273293273 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-35.b24.5mdvmes5.2.src.rpm

    Mandriva Enterprise Server 5/X86_64: 0b253fd82c86e16848eff6d5f9591ce6 mes5/x86_64/java-1.6.0-openjdk-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm 08d1a5099ab26a89b1dae8008e0d98e6 mes5/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm c0433e439964af42aa82371901aa07bc mes5/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm 5e77c039c2d64220d1cf3fce44c86f24 mes5/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm 4dd6c3dbabf6d29cf3ce751bda74f483 mes5/x86_64/java-1.6.0-openjdk-src-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm f3d20af548c84815b6c1636273293273 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-35.b24.5mdvmes5.2.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/en/support/security/advisories/

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)

    iD8DBQFRcSLkmqjQ0CJFipgRAsEgAJ4gHSUUcP7uDS3JIxzQZxnCLwXe1QCfTQXq o4NG1rmFdAUfR4q/O/aHdtM= =EXuM -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201304-0300",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "jre",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "oracle",
            "version": "1.6.0"
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "oracle",
            "version": "1.5.0"
          },
          {
            "model": "jre",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "model": "jre",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.5.0"
          },
          {
            "model": "jre",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.5.0"
          },
          {
            "model": "jre",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "model": "jre",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "1.6.0"
          },
          {
            "model": "jdk",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.6.0"
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.6.0"
          },
          {
            "model": "jdk",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.5.0"
          },
          {
            "model": "jre",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "1.6.0"
          },
          {
            "model": "jre",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.6.0"
          },
          {
            "model": "jdk",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "model": "jre 1.6.0 03",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 17",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.7.0 8",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 30",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 32",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 39",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 15",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 1.5.0 17",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 01",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 1.6.0 18",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 35",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 16",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 22",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 1.6.0 28",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 14",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.6.0 21",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 20",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 32",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.6.0 38",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 25",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.6.0 43",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 07",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.6.0 35",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 31",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 18",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 27",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 06",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.6.0 19",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0 23",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.7.0 10",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 18",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.6.0 03",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 17",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.6.0 39",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.7.0 2",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 10",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 1.7.0 8",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.7.0 2",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 20",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 12",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.7.0 13",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 14",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.7.0 12",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 04",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.5.0 36",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.7.0 10",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 04",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 1.6.0 25",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 35",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 41",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 32",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0 36",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 38",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.6.0 37",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 11",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 27",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 38",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.7.0 11",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 14",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 15",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 30",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 16",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.5.0 25",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 04",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 12",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.5.0 26",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0 33",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.7.0 7",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.7"
          },
          {
            "model": "jre 03",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 1.6.0 02",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.6.0 23",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 01",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.7.0 4",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 28",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.7.0 9",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 06",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.6.0 19",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.7.0 9",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.7.0 13",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 38",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 15",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 22",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 07",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 1.7.0 11",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 20",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 43",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 29",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 28",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.6.0 23",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 39",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 11",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 35",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 17",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 1.5.0 23",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 14",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 13",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.7.0 7",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.6.0 32",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.6.0 02",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 27",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0 13",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 10",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 28",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jre 1.7.0 4",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 01",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.6.0 26",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 30",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0 33",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 26",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.6.0 21",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 24",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 25",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 06",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 1.5.0 27",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 22",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 11",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 18",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 10",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.7"
          },
          {
            "model": "jdk 1.5.0 26",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 22",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.6.0 24",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jre 1.5.0 29",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.7.0 17",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0 31",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0 30",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 15",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 13",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk .0 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.6.0 39",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 0 10",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 1.5.0 13",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0 24",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0.0 11",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0.0 09",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 11-b03",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.5.0 12",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.7.0 17",
            "scope": null,
            "trust": 0.6,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk .0 04",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 01-b06",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "jdk 1.5.0 41",
            "scope": null,
            "trust": 0.6,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk .0 03",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 1.5.0.0 08",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.7.0 12",
            "scope": null,
            "trust": 0.6,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "jdk 1.5.0.0 09",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.5.0.0 07",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.6.0 01",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 07-b03",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jdk 06",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "jre 1.5.0.0 08",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jre 1.6.0 20",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "jdk 1.5.0.0 12",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "cosminexus developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "5.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "11.10"
          },
          {
            "model": "nsm3000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": "one-x client enablement service sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6)5.5"
          },
          {
            "model": "trio tview software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "3.27.0"
          },
          {
            "model": "nonstop server h06.16.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "intelligent operations center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.2"
          },
          {
            "model": "nonstop server h06.19.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "one-x client enablement service sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.3"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.2"
          },
          {
            "model": "tivoli provisioning manager for software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.1.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7"
          },
          {
            "model": "jdk 01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "model": "maximo asset management essentials",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "model": "nonstop server j06.08.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server h06.15.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.11"
          },
          {
            "model": "websphere cast iron cloud integration virtual applianc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "model": "websphere extreme scale",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "model": "java se",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "model": "trio tview software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "3.29.0"
          },
          {
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1"
          },
          {
            "model": "nonstop server j06.06.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "ucosminexus application server enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "02-00"
          },
          {
            "model": "nonstop server j06.14",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "virtualization engine ts7700",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.31.0.89"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8.1"
          },
          {
            "model": "ucosminexus application server standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "cosminexus server web edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "4"
          },
          {
            "model": "linux enterprise software development kit sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "ucosminexus application server express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "09-70"
          },
          {
            "model": "websphere cast iron cloud integration studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "lotus notes fix pack",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.35"
          },
          {
            "model": "nonstop server j06.09.03",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server h06.26",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "tivoli composite application manager for transactions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.1"
          },
          {
            "model": "nonstop server j06.04.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "lotus domino fix pack",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.35"
          },
          {
            "model": "aura system platform sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.6"
          },
          {
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5)5.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.2"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.6"
          },
          {
            "model": "network and security manager software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "2012.2-"
          },
          {
            "model": "nonstop server j06.13",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.10"
          },
          {
            "model": "linux enterprise server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "tivoli composite application manager for transactions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0"
          },
          {
            "model": "intelligent operations center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.1"
          },
          {
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1"
          },
          {
            "model": "tivoli endpoint manager for remote control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2.1"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "model": "nonstop server j06.09.04",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "ucosminexus operator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "linux enterprise server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1.5"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.10"
          },
          {
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.3.0.3"
          },
          {
            "model": "tivoli monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.1"
          },
          {
            "model": "one-x client enablement service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "nonstop server h06.18.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server j06.15.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server h06.22.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "junos space",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "13.1"
          },
          {
            "model": "websphere cast iron cloud integration physical applian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.1"
          },
          {
            "model": "one-x client enablement service sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "tivoli composite application manager for transactions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0"
          },
          {
            "model": "nonstop server j06.12.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "cosminexus developer light",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "6"
          },
          {
            "model": "tivoli system automation for multiplatforms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.2"
          },
          {
            "model": "tivoli system automation for integrated operations management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "model": "websphere extreme scale",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1"
          },
          {
            "model": "nonstop server j06.05.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.4"
          },
          {
            "model": "nonstop server j06.08.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server j06.09.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "cosminexus studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "4.0"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "model": "cosminexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "8.0"
          },
          {
            "model": "nonstop server j06.16",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "websphere operational decision management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0.0"
          },
          {
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "nonstop server j6.0.14.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "rational host on-demand",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.0.7"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "nsmexpress",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": "java sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "model": "tivoli application dependency discovery manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1.5"
          },
          {
            "model": "ucosminexus developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "010"
          },
          {
            "model": "network and security manager software 2012.2r9",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": "enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.0.1"
          },
          {
            "model": "rational host on-demand",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.0.8"
          },
          {
            "model": "ucosminexus service architect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2"
          },
          {
            "model": "jdk 1.5.0 11",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "websphere cast iron cloud integration live saas offeri",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.2"
          },
          {
            "model": "ucosminexus developer light",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "smart analytics system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "56009.7"
          },
          {
            "model": "cosminexus server standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "4"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.4"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "model": "nonstop server j06.07.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "nonstop server j06.09.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "jdk 1.5.0.0 04",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.2"
          },
          {
            "model": "enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "nonstop server j06.10.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server j06.06.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "network and security manager software r7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "2012.2"
          },
          {
            "model": "maximo asset management essentials",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.3"
          },
          {
            "model": "aura communication manager utility services sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.16.1.0.9.8"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.4"
          },
          {
            "model": "nonstop server h06.24.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2"
          },
          {
            "model": "jdk 1.5.0.0 06",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "nonstop server h06.25",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "tivoli monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.4.0.15"
          },
          {
            "model": "one-x client enablement service sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.1"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "model": "websphere ilog jrules",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "model": "ucosminexus application server light",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1"
          },
          {
            "model": "nonstop server h06.15.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "cosminexus application server standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "6"
          },
          {
            "model": "tivoli monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2"
          },
          {
            "model": "tivoli composite application manager for transactions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.1"
          },
          {
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1.4"
          },
          {
            "model": "uploader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wordpress",
            "version": "1.0"
          },
          {
            "model": "websphere cast iron cloud integration virtual applianc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "model": "cosminexus developer professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "6"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "12.2"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2"
          },
          {
            "model": "jre 1.5.0 09",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "model": "linux enterprise server for vmware sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "linux enterprise server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "tivoli composite application manager for transactions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.2"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.4"
          },
          {
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.04"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.5"
          },
          {
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "tivoli remote control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.2"
          },
          {
            "model": "websphere cast iron cloud integration virtual applianc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3"
          },
          {
            "model": "websphere cast iron cloud integration physical applian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "model": "nonstop server j06.07.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "jre beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "model": "linux enterprise server for vmware sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.5.0.15"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1.1"
          },
          {
            "model": "tivoli system automation application manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2"
          },
          {
            "model": "jdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "nonstop server j06.08.04",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server j06.08.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "cosminexus developer standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "6"
          },
          {
            "model": "enterprise server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "model": "jdk 07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "java sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "model": "nonstop server h06.24",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server h06.15.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "cosminexus application server enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "6"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8.2"
          },
          {
            "model": "cosminexus application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "5.0"
          },
          {
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.3"
          },
          {
            "model": "nonstop server h06.16.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "ucosminexus developer professional for plug-in",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "nonstop server h06.18.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server h06.20.03",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "model": "enterprise linux hpc node optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "websphere extreme scale",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "model": "network and security manager software r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "2012.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.6"
          },
          {
            "model": "intelligent operations center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5"
          },
          {
            "model": "enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.3.8.3"
          },
          {
            "model": "tivoli endpoint manager for remote control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "model": "tivoli monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.2"
          },
          {
            "model": "network and security manager software r5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "2012.2"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2.3"
          },
          {
            "model": "nonstop server j06.13.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server h06.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "tivoli system automation for integrated operations management",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.1.4"
          },
          {
            "model": "enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.3.9.3"
          },
          {
            "model": "websphere extreme scale",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "model": "jdk 1.5.0 11-b03",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.3"
          },
          {
            "model": "nonstop server h06.19.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2"
          },
          {
            "model": "virtualization engine ts7700",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "model": "tivoli system automation for multiplatforms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.5"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.5"
          },
          {
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1x8664"
          },
          {
            "model": "websphere extreme scale",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6"
          },
          {
            "model": "nonstop server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6"
          },
          {
            "model": "websphere message broker",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0"
          },
          {
            "model": "tivoli system automation application manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.3"
          },
          {
            "model": "network and security manager software r8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "2012.2"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.3"
          },
          {
            "model": "enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "nonstop server h06.22.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8"
          },
          {
            "model": "enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "websphere cast iron cloud integration live saas offeri",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "model": "network and security manager software r4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "2012.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.1"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "model": "operational decision manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "model": "tivoli monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.3"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2.2"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2.1"
          },
          {
            "model": "nonstop server h06.19.03",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "cosminexus studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.3"
          },
          {
            "model": "websphere message broker",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.1"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "model": "aura experience portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.2"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2"
          },
          {
            "model": "maximo asset management essentials",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.6"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.7"
          },
          {
            "model": "cosminexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "7.0"
          },
          {
            "model": "websphere message broker",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "model": "nonstop server j06.11.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "model": "nonstop server j06.15",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "model": "ucosminexus developer professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "aura experience portal sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "ucosminexus developer standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "nonstop server h06.21.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.8"
          },
          {
            "model": "nonstop server h06.20.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "cosminexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "9.0"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.3"
          },
          {
            "model": "tivoli system automation application manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.1"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.8"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8.3"
          },
          {
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.1"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.2"
          },
          {
            "model": "cosminexus client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "aura experience portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.1"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.4"
          },
          {
            "model": "nonstop server j06.05.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "jre 07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "nonstop server j06.07.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server h06.21.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server h06.19.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.13"
          },
          {
            "model": "jdk 0 09",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.1"
          },
          {
            "model": "jre 1.5.0 08",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1.4"
          },
          {
            "model": "websphere cast iron cloud integration studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.7"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.2"
          },
          {
            "model": "ucosminexus application server smart edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "aura conferencing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.7"
          },
          {
            "model": "tivoli system automation for multiplatforms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2"
          },
          {
            "model": "nonstop server j06.11.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server h06.26.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "5"
          },
          {
            "model": "linux enterprise java sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1.2"
          },
          {
            "model": "websphere cast iron cloud integration physical applian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "model": "nonstop server j06.04.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "websphere cast iron cloud integration studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1.3"
          },
          {
            "model": "aura conferencing sp1 standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "model": "nonstop server j06.04.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "model": "nonstop server j06.06.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.0.1"
          },
          {
            "model": "one-x client enablement service sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.8"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.4"
          },
          {
            "model": "nonstop server h06.21.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.5"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.3"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.1.0.9"
          },
          {
            "model": "tivoli provisioning manager for software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1"
          },
          {
            "model": "java se",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "model": "nonstop server j06.06.03",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2.4"
          },
          {
            "model": "nonstop server h06.17.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "jdk 1.5.0 07-b03",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "network and security manager software r6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "2012.2"
          },
          {
            "model": "lotus notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "model": "aura experience portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1"
          },
          {
            "model": "aura experience portal sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "model": "operational decision manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2"
          },
          {
            "model": "junos space 13.3r1.8",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": "aura system platform sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "model": "ucosminexus service platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.5"
          },
          {
            "model": "jdk 1.6.0 01-b06",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "nonstop server h06.20.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "ucosminexus client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "aura system platform sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "6"
          },
          {
            "model": "nonstop server j06.10.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "tivoli system automation application manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.2"
          },
          {
            "model": "enterprise linux desktop optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "nonstop server h06.17.03",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.1.1"
          },
          {
            "model": "tivoli composite application manager for transactions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.3.0"
          },
          {
            "model": "enterprise linux hpc node supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "ucosminexus application server standard-r",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hitachi",
            "version": "0"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2"
          },
          {
            "model": "nonstop server h06.16.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "jdk 1.5.0.0 03",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.0.9.8"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "nonstop server j06.05.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7"
          },
          {
            "model": "linux enterprise java sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.5"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "model": "tivoli composite application manager for transactions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.2"
          },
          {
            "model": "rational host on-demand",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.0"
          },
          {
            "model": "nonstop server h06.20.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1"
          },
          {
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "model": "jdk 0 03",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "model": "linux enterprise software development kit sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "model": "nonstop server j06.09.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.12"
          },
          {
            "model": "linux enterprise desktop sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "nonstop server h06.17.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server j06.08.03",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "aura conferencing standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "nonstop server j06.10.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "model": "network and security manager software r3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "2012.2"
          },
          {
            "model": "nonstop server h06.25.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server h06.18.01",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server h06.27",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "tivoli system automation for multiplatforms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.1"
          },
          {
            "model": "nonstop server h06.17.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "nonstop server j06.14.02",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.2"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "59194"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201304-359"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1537"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:*:update17:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.7.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:*:update17:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.7.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:*:update43:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.6.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:*:update43:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.6.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jre:*:update41:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.5.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.5.0:update40:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:*:update41:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.5.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-1537"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Red Hat",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "123734"
          },
          {
            "db": "PACKETSTORM",
            "id": "121631"
          },
          {
            "db": "PACKETSTORM",
            "id": "121703"
          },
          {
            "db": "PACKETSTORM",
            "id": "123735"
          }
        ],
        "trust": 0.4
      },
      "cve": "CVE-2013-1537",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULMON",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2013-1537",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 0.1,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2013-1537",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201304-359",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2013-1537",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2013-1537"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201304-359"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1537"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.  NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform \"dynamic class downloading\" and execute arbitrary code. Oracle Java SE is prone to a remote code execution vulnerability in Java Runtime Environment. \nAn attacker can exploit this issue to execute arbitrary code in the context of the current user. \nThis vulnerability affects the following supported versions:\n7 Update 17 ,  6 Update 43 ,  5.0 Update 41. In a typical operating environment, these are of low security risk as\nthe runtime is not used on untrusted applets. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201406-32\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n    Title: IcedTea JDK: Multiple vulnerabilities\n     Date: June 29, 2014\n     Bugs: #312297, #330205, #340819, #346799, #352035, #353418,\n           #354231, #355127, #370787, #387637, #404095, #421031,\n           #429522, #433389, #438750, #442478, #457206, #458410,\n           #461714, #466822, #477210, #489570, #508270\n       ID: 201406-32\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the IcedTea JDK, the worst\nof which could lead to arbitrary code execution. \n\nBackground\n==========\n\nIcedTea is a distribution of the Java OpenJDK source code built with\nfree build tools. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  dev-java/icedtea-bin        \u003c 6.1.13.3               \u003e= 6.1.13.3 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in the IcedTea JDK. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, bypass intended security policies, or have other\nunspecified impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll IcedTea JDK users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev-java/icedtea-bin-6.1.13.3\"\n\nReferences\n==========\n\n[   1 ] CVE-2009-3555\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555\n[   2 ] CVE-2010-2548\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548\n[   3 ] CVE-2010-2783\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783\n[   4 ] CVE-2010-3541\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541\n[   5 ] CVE-2010-3548\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548\n[   6 ] CVE-2010-3549\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549\n[   7 ] CVE-2010-3551\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551\n[   8 ] CVE-2010-3553\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553\n[   9 ] CVE-2010-3554\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554\n[  10 ] CVE-2010-3557\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557\n[  11 ] CVE-2010-3561\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561\n[  12 ] CVE-2010-3562\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562\n[  13 ] CVE-2010-3564\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564\n[  14 ] CVE-2010-3565\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565\n[  15 ] CVE-2010-3566\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566\n[  16 ] CVE-2010-3567\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567\n[  17 ] CVE-2010-3568\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568\n[  18 ] CVE-2010-3569\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569\n[  19 ] CVE-2010-3573\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573\n[  20 ] CVE-2010-3574\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574\n[  21 ] CVE-2010-3860\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860\n[  22 ] CVE-2010-4351\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351\n[  23 ] CVE-2010-4448\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448\n[  24 ] CVE-2010-4450\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450\n[  25 ] CVE-2010-4465\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465\n[  26 ] CVE-2010-4467\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467\n[  27 ] CVE-2010-4469\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469\n[  28 ] CVE-2010-4470\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470\n[  29 ] CVE-2010-4471\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471\n[  30 ] CVE-2010-4472\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472\n[  31 ] CVE-2010-4476\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476\n[  32 ] CVE-2011-0025\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025\n[  33 ] CVE-2011-0706\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706\n[  34 ] CVE-2011-0815\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815\n[  35 ] CVE-2011-0822\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822\n[  36 ] CVE-2011-0862\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862\n[  37 ] CVE-2011-0864\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864\n[  38 ] CVE-2011-0865\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865\n[  39 ] CVE-2011-0868\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868\n[  40 ] CVE-2011-0869\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869\n[  41 ] CVE-2011-0870\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870\n[  42 ] CVE-2011-0871\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871\n[  43 ] CVE-2011-0872\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872\n[  44 ] CVE-2011-3389\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389\n[  45 ] CVE-2011-3521\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521\n[  46 ] CVE-2011-3544\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544\n[  47 ] CVE-2011-3547\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547\n[  48 ] CVE-2011-3548\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548\n[  49 ] CVE-2011-3551\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551\n[  50 ] CVE-2011-3552\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552\n[  51 ] CVE-2011-3553\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553\n[  52 ] CVE-2011-3554\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554\n[  53 ] CVE-2011-3556\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556\n[  54 ] CVE-2011-3557\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557\n[  55 ] CVE-2011-3558\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558\n[  56 ] CVE-2011-3560\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560\n[  57 ] CVE-2011-3563\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563\n[  58 ] CVE-2011-3571\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571\n[  59 ] CVE-2011-5035\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035\n[  60 ] CVE-2012-0497\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497\n[  61 ] CVE-2012-0501\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501\n[  62 ] CVE-2012-0502\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502\n[  63 ] CVE-2012-0503\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503\n[  64 ] CVE-2012-0505\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505\n[  65 ] CVE-2012-0506\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506\n[  66 ] CVE-2012-0547\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547\n[  67 ] CVE-2012-1711\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711\n[  68 ] CVE-2012-1713\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713\n[  69 ] CVE-2012-1716\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716\n[  70 ] CVE-2012-1717\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717\n[  71 ] CVE-2012-1718\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718\n[  72 ] CVE-2012-1719\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719\n[  73 ] CVE-2012-1723\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723\n[  74 ] CVE-2012-1724\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724\n[  75 ] CVE-2012-1725\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725\n[  76 ] CVE-2012-1726\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726\n[  77 ] CVE-2012-3216\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216\n[  78 ] CVE-2012-3422\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422\n[  79 ] CVE-2012-3423\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423\n[  80 ] CVE-2012-4416\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416\n[  81 ] CVE-2012-4540\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540\n[  82 ] CVE-2012-5068\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068\n[  83 ] CVE-2012-5069\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069\n[  84 ] CVE-2012-5070\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070\n[  85 ] CVE-2012-5071\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071\n[  86 ] CVE-2012-5072\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072\n[  87 ] CVE-2012-5073\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073\n[  88 ] CVE-2012-5074\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074\n[  89 ] CVE-2012-5075\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075\n[  90 ] CVE-2012-5076\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076\n[  91 ] CVE-2012-5077\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077\n[  92 ] CVE-2012-5081\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081\n[  93 ] CVE-2012-5084\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084\n[  94 ] CVE-2012-5085\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085\n[  95 ] CVE-2012-5086\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086\n[  96 ] CVE-2012-5087\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087\n[  97 ] CVE-2012-5089\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089\n[  98 ] CVE-2012-5979\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979\n[  99 ] CVE-2013-0169\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169\n[ 100 ] CVE-2013-0401\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401\n[ 101 ] CVE-2013-0424\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424\n[ 102 ] CVE-2013-0425\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425\n[ 103 ] CVE-2013-0426\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426\n[ 104 ] CVE-2013-0427\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427\n[ 105 ] CVE-2013-0428\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428\n[ 106 ] CVE-2013-0429\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429\n[ 107 ] CVE-2013-0431\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431\n[ 108 ] CVE-2013-0432\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432\n[ 109 ] CVE-2013-0433\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433\n[ 110 ] CVE-2013-0434\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434\n[ 111 ] CVE-2013-0435\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435\n[ 112 ] CVE-2013-0440\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440\n[ 113 ] CVE-2013-0441\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441\n[ 114 ] CVE-2013-0442\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442\n[ 115 ] CVE-2013-0443\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443\n[ 116 ] CVE-2013-0444\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444\n[ 117 ] CVE-2013-0450\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450\n[ 118 ] CVE-2013-0809\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809\n[ 119 ] CVE-2013-1475\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475\n[ 120 ] CVE-2013-1476\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476\n[ 121 ] CVE-2013-1478\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478\n[ 122 ] CVE-2013-1480\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480\n[ 123 ] CVE-2013-1484\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484\n[ 124 ] CVE-2013-1485\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485\n[ 125 ] CVE-2013-1486\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486\n[ 126 ] CVE-2013-1488\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488\n[ 127 ] CVE-2013-1493\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493\n[ 128 ] CVE-2013-1500\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500\n[ 129 ] CVE-2013-1518\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518\n[ 130 ] CVE-2013-1537\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537\n[ 131 ] CVE-2013-1557\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557\n[ 132 ] CVE-2013-1569\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569\n[ 133 ] CVE-2013-1571\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571\n[ 134 ] CVE-2013-2383\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383\n[ 135 ] CVE-2013-2384\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384\n[ 136 ] CVE-2013-2407\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407\n[ 137 ] CVE-2013-2412\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412\n[ 138 ] CVE-2013-2415\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415\n[ 139 ] CVE-2013-2417\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417\n[ 140 ] CVE-2013-2419\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419\n[ 141 ] CVE-2013-2420\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420\n[ 142 ] CVE-2013-2421\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421\n[ 143 ] CVE-2013-2422\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422\n[ 144 ] CVE-2013-2423\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423\n[ 145 ] CVE-2013-2424\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424\n[ 146 ] CVE-2013-2426\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426\n[ 147 ] CVE-2013-2429\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429\n[ 148 ] CVE-2013-2430\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430\n[ 149 ] CVE-2013-2431\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431\n[ 150 ] CVE-2013-2436\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436\n[ 151 ] CVE-2013-2443\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443\n[ 152 ] CVE-2013-2444\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444\n[ 153 ] CVE-2013-2445\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445\n[ 154 ] CVE-2013-2446\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446\n[ 155 ] CVE-2013-2447\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447\n[ 156 ] CVE-2013-2448\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448\n[ 157 ] CVE-2013-2449\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449\n[ 158 ] CVE-2013-2450\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450\n[ 159 ] CVE-2013-2451\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451\n[ 160 ] CVE-2013-2452\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452\n[ 161 ] CVE-2013-2453\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453\n[ 162 ] CVE-2013-2454\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454\n[ 163 ] CVE-2013-2455\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455\n[ 164 ] CVE-2013-2456\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456\n[ 165 ] CVE-2013-2457\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457\n[ 166 ] CVE-2013-2458\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458\n[ 167 ] CVE-2013-2459\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459\n[ 168 ] CVE-2013-2460\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460\n[ 169 ] CVE-2013-2461\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461\n[ 170 ] CVE-2013-2463\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463\n[ 171 ] CVE-2013-2465\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465\n[ 172 ] CVE-2013-2469\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469\n[ 173 ] CVE-2013-2470\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470\n[ 174 ] CVE-2013-2471\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471\n[ 175 ] CVE-2013-2472\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472\n[ 176 ] CVE-2013-2473\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473\n[ 177 ] CVE-2013-3829\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829\n[ 178 ] CVE-2013-4002\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002\n[ 179 ] CVE-2013-5772\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772\n[ 180 ] CVE-2013-5774\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774\n[ 181 ] CVE-2013-5778\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778\n[ 182 ] CVE-2013-5780\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780\n[ 183 ] CVE-2013-5782\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782\n[ 184 ] CVE-2013-5783\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783\n[ 185 ] CVE-2013-5784\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784\n[ 186 ] CVE-2013-5790\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790\n[ 187 ] CVE-2013-5797\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797\n[ 188 ] CVE-2013-5800\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800\n[ 189 ] CVE-2013-5802\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802\n[ 190 ] CVE-2013-5803\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803\n[ 191 ] CVE-2013-5804\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804\n[ 192 ] CVE-2013-5805\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805\n[ 193 ] CVE-2013-5806\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806\n[ 194 ] CVE-2013-5809\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809\n[ 195 ] CVE-2013-5814\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814\n[ 196 ] CVE-2013-5817\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817\n[ 197 ] CVE-2013-5820\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820\n[ 198 ] CVE-2013-5823\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823\n[ 199 ] CVE-2013-5825\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825\n[ 200 ] CVE-2013-5829\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829\n[ 201 ] CVE-2013-5830\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830\n[ 202 ] CVE-2013-5840\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840\n[ 203 ] CVE-2013-5842\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842\n[ 204 ] CVE-2013-5849\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849\n[ 205 ] CVE-2013-5850\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850\n[ 206 ] CVE-2013-5851\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851\n[ 207 ] CVE-2013-6629\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629\n[ 208 ] CVE-2013-6954\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954\n[ 209 ] CVE-2014-0429\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429\n[ 210 ] CVE-2014-0446\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446\n[ 211 ] CVE-2014-0451\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451\n[ 212 ] CVE-2014-0452\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452\n[ 213 ] CVE-2014-0453\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453\n[ 214 ] CVE-2014-0456\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456\n[ 215 ] CVE-2014-0457\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457\n[ 216 ] CVE-2014-0458\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458\n[ 217 ] CVE-2014-0459\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459\n[ 218 ] CVE-2014-0460\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460\n[ 219 ] CVE-2014-0461\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461\n[ 220 ] CVE-2014-1876\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876\n[ 221 ] CVE-2014-2397\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397\n[ 222 ] CVE-2014-2398\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398\n[ 223 ] CVE-2014-2403\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403\n[ 224 ] CVE-2014-2412\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412\n[ 225 ] CVE-2014-2414\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414\n[ 226 ] CVE-2014-2421\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421\n[ 227 ] CVE-2014-2423\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423\n[ 228 ] CVE-2014-2427\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201406-32.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: java-1.6.0-ibm security update\nAdvisory ID:       RHSA-2013:0823-01\nProduct:           Red Hat Enterprise Linux Supplementary\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2013-0823.html\nIssue date:        2013-05-14\nCVE Names:         CVE-2013-0169 CVE-2013-0401 CVE-2013-1491 \n                   CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 \n                   CVE-2013-1563 CVE-2013-1569 CVE-2013-2383 \n                   CVE-2013-2384 CVE-2013-2394 CVE-2013-2417 \n                   CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 \n                   CVE-2013-2422 CVE-2013-2424 CVE-2013-2429 \n                   CVE-2013-2430 CVE-2013-2432 CVE-2013-2433 \n                   CVE-2013-2435 CVE-2013-2440 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.6.0-ibm packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Detailed\nvulnerability descriptions are linked from the IBM Security alerts page,\nlisted in the References section. (CVE-2013-0169, CVE-2013-0401,\nCVE-2013-1491, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1563,\nCVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2417,\nCVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2424,\nCVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2433, CVE-2013-2435,\nCVE-2013-2440)\n\nAll users of java-1.6.0-ibm are advised to upgrade to these updated\npackages, containing the IBM Java SE 6 SR13-FP2 release. All running\ninstances of IBM Java must be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13)\n920245 - CVE-2013-0401 OpenJDK: sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader (CanSecWest 2013, AWT, 8009305)\n920248 - CVE-2013-1491 Oracle JDK: unspecified sanbox bypass (CanSecWest 2013, 2D)\n952387 - CVE-2013-1537 OpenJDK: remote code loading enabled by default (RMI, 8001040)\n952509 - CVE-2013-2424 OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435)\n952521 - CVE-2013-2429 OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)\n952524 - CVE-2013-2430 OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)\n952638 - CVE-2013-2420 OpenJDK: image processing vulnerability (2D, 8007617)\n952642 - CVE-2013-2422 OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)\n952648 - CVE-2013-1557 OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)\n952656 - CVE-2013-2419 ICU: Layout Engine font processing errors (JDK 2D, 8001031)\n952657 - CVE-2013-2417 OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724)\n952708 - CVE-2013-2383 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004986)\n952709 - CVE-2013-2384 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004987)\n952711 - CVE-2013-1569 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004994)\n953166 - CVE-2013-1540 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)\n953172 - CVE-2013-1563 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)\n953265 - CVE-2013-2394 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)\n953267 - CVE-2013-2418 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)\n953269 - CVE-2013-2432 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)\n953270 - CVE-2013-2433 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)\n953273 - CVE-2013-2435 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)\n953275 - CVE-2013-2440 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\n\nx86_64:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\njava-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\njava-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\n\nppc:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm\njava-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm\njava-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm\n\ns390x:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.s390.rpm\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm\njava-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.s390.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.s390.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.s390.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.s390.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm\n\nx86_64:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\njava-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\njava-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.i386.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\n\nx86_64:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Supplementary (v. 6):\n\nx86_64:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\n\nppc64:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.ppc.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm\n\ns390x:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.s390.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm\n\nx86_64:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\n\nx86_64:\njava-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm\njava-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\njava-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0169.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0401.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1491.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1537.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1540.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1557.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1563.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1569.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2383.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2384.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2394.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2417.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2418.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2419.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2420.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2422.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2424.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2429.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2430.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2432.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2433.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2435.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2440.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://www.ibm.com/developerworks/java/jdk/alerts/\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRkpsAXlSAg2UNWIIRArHgAJ99lN3GBaglvj3QTq7laft1RtttvQCgglIn\nI8ZMWd5AhLgB1TqY/4MQYM0=\n=wmpI\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ==========================================================================\nUbuntu Security Notice USN-1819-1\nMay 07, 2013\n\nopenjdk-6 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n- Ubuntu 11.10\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenJDK 6. \n\nSoftware Description:\n- openjdk-6: Open Source Java implementation\n\nDetails:\n\nBen Murphy discovered a vulnerability in the OpenJDK JRE related to\ninformation disclosure and data integrity. (CVE-2013-0401)\n\nJames Forshaw discovered a vulnerability in the OpenJDK JRE related to\ninformation disclosure, data integrity and availability. (CVE-2013-1488)\n\nSeveral vulnerabilities were discovered in the OpenJDK JRE related to\ninformation disclosure, data integrity and availability. An attacker could\nexploit these to cause a denial of service or expose sensitive data over\nthe network. (CVE-2013-1518, CVE-2013-1537, CVE-2013-1557, CVE-2013-1558,\nCVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2420, CVE-2013-2421,\nCVE-2013-2422, CVE-2013-2426, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431,\nCVE-2013-2436)\n\nTwo vulnerabilities were discovered in the OpenJDK JRE related to\nconfidentiality. An attacker could exploit these to expose sensitive data\nover the network. (CVE-2013-2415, CVE-2013-2424)\n\nTwo vulnerabilities were discovered in the OpenJDK JRE related to\navailability. An attacker could exploit these to cause a denial of service. \n(CVE-2013-2417, CVE-2013-2419)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n  icedtea-6-jre-cacao             6b27-1.12.5-0ubuntu0.12.04.1\n  icedtea-6-jre-jamvm             6b27-1.12.5-0ubuntu0.12.04.1\n  openjdk-6-jre                   6b27-1.12.5-0ubuntu0.12.04.1\n  openjdk-6-jre-headless          6b27-1.12.5-0ubuntu0.12.04.1\n  openjdk-6-jre-lib               6b27-1.12.5-0ubuntu0.12.04.1\n  openjdk-6-jre-zero              6b27-1.12.5-0ubuntu0.12.04.1\n\nUbuntu 11.10:\n  icedtea-6-jre-cacao             6b27-1.12.5-0ubuntu0.11.10.1\n  icedtea-6-jre-jamvm             6b27-1.12.5-0ubuntu0.11.10.1\n  openjdk-6-jre                   6b27-1.12.5-0ubuntu0.11.10.1\n  openjdk-6-jre-headless          6b27-1.12.5-0ubuntu0.11.10.1\n  openjdk-6-jre-lib               6b27-1.12.5-0ubuntu0.11.10.1\n  openjdk-6-jre-zero              6b27-1.12.5-0ubuntu0.11.10.1\n\nUbuntu 10.04 LTS:\n  icedtea-6-jre-cacao             6b27-1.12.5-0ubuntu0.10.04.1\n  openjdk-6-jre                   6b27-1.12.5-0ubuntu0.10.04.1\n  openjdk-6-jre-headless          6b27-1.12.5-0ubuntu0.10.04.1\n  openjdk-6-jre-lib               6b27-1.12.5-0ubuntu0.10.04.1\n  openjdk-6-jre-zero              6b27-1.12.5-0ubuntu0.10.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. After a standard system update you need to restart any Java\napplications or applets to make all the necessary changes. An untrusted Java application or applet could possibly\n use these flaws to trigger Java Virtual Machine memory corruption\n (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384). \n \n Multiple improper permission check issues were discovered in the Beans,\n Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java\n application or applet could use these flaws to bypass Java sandbox\n restrictions (CVE-2013-2422, CVE-2013-1518, CVE-2013-1557). \n \n The previous default value of the java.rmi.server.useCodebaseOnly\n property permitted the RMI implementation to automatically load\n classes from remotely specified locations. Note: The\n fix for CVE-2013-1537 changes the default value of the property to\n true, restricting class loading to the local CLASSPATH and locations\n specified in the java.rmi.server.codebase property. \n \n The 2D component did not properly process certain images. An untrusted\n Java application or applet could possibly use this flaw to trigger\n Java Virtual Machine memory corruption (CVE-2013-2420). \n \n It was discovered that the Hotspot component did not properly handle\n certain intrinsic frames, and did not correctly perform access\n checks and MethodHandle lookups. An untrusted Java application or\n applet could use these flaws to bypass Java sandbox restrictions\n (CVE-2013-2431, CVE-2013-2421). \n \n It was discovered that JPEGImageReader and JPEGImageWriter in the\n ImageIO component did not protect against modification of their state\n while performing certain native code operations. An untrusted Java\n application or applet could possibly use these flaws to trigger Java\n Virtual Machine memory corruption (CVE-2013-2429, CVE-2013-2430). \n \n The JDBC driver manager could incorrectly call the toString() method\n in JDBC drivers, and the ConcurrentHashMap class could incorrectly\n call the defaultReadObject() method. An untrusted Java application\n or applet could possibly use these flaws to bypass Java sandbox\n restrictions (CVE-2013-1488, CVE-2013-2426). \n \n The sun.awt.datatransfer.ClassLoaderObjectInputStream class may\n incorrectly invoke the system class loader. An untrusted Java\n application or applet could possibly use this flaw to bypass certain\n Java sandbox restrictions (CVE-2013-0401). \n \n Flaws were discovered in the Network component\u0026#039;s InetAddress\n serialization, and the 2D component\u0026#039;s font handling. An untrusted\n Java application or applet could possibly use these flaws to crash\n the Java Virtual Machine (CVE-2013-2417, CVE-2013-2419). \n \n The MBeanInstantiator class implementation in the OpenJDK JMX component\n did not properly check class access before creating new instances. An\n untrusted Java application or applet could use this flaw to create\n instances of non-public classes (CVE-2013-2424). \n \n It was discovered that JAX-WS could possibly create temporary files\n with insecure permissions. A local attacker could use this flaw\n to access temporary files created by an application using JAX-WS\n (CVE-2013-2415). \n \n The updated packages provides icedtea6-1.11.10 which is not vulnerable\n to these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0401\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1488\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1518\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1537\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1557\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2415\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2417\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2420\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2421\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2422\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2424\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2426\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2429\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2430\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2431\n http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html\n http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html\n https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124\n https://bugzilla.redhat.com/show_bug.cgi?id=952387\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Enterprise Server 5:\n 28320f10570a50ac08575480ee249aed  mes5/i586/java-1.6.0-openjdk-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm\n 5a6bf000d48cb35a304f9ec7d4f83d6c  mes5/i586/java-1.6.0-openjdk-demo-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm\n 966a2d2681441d30ec9d86f3d93c5a32  mes5/i586/java-1.6.0-openjdk-devel-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm\n 280aee290b6d68ab5e994f8a25a50ad9  mes5/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm\n 6893259a988e94df07274bf728cc7675  mes5/i586/java-1.6.0-openjdk-src-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm \n f3d20af548c84815b6c1636273293273  mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-35.b24.5mdvmes5.2.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n 0b253fd82c86e16848eff6d5f9591ce6  mes5/x86_64/java-1.6.0-openjdk-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm\n 08d1a5099ab26a89b1dae8008e0d98e6  mes5/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm\n c0433e439964af42aa82371901aa07bc  mes5/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm\n 5e77c039c2d64220d1cf3fce44c86f24  mes5/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm\n 4dd6c3dbabf6d29cf3ce751bda74f483  mes5/x86_64/java-1.6.0-openjdk-src-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm \n f3d20af548c84815b6c1636273293273  mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-35.b24.5mdvmes5.2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFRcSLkmqjQ0CJFipgRAsEgAJ4gHSUUcP7uDS3JIxzQZxnCLwXe1QCfTQXq\no4NG1rmFdAUfR4q/O/aHdtM=\n=EXuM\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-1537"
          },
          {
            "db": "BID",
            "id": "59194"
          },
          {
            "db": "VULMON",
            "id": "CVE-2013-1537"
          },
          {
            "db": "PACKETSTORM",
            "id": "123734"
          },
          {
            "db": "PACKETSTORM",
            "id": "127267"
          },
          {
            "db": "PACKETSTORM",
            "id": "121631"
          },
          {
            "db": "PACKETSTORM",
            "id": "121703"
          },
          {
            "db": "PACKETSTORM",
            "id": "123735"
          },
          {
            "db": "PACKETSTORM",
            "id": "121555"
          },
          {
            "db": "PACKETSTORM",
            "id": "121361"
          }
        ],
        "trust": 1.89
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-1537",
            "trust": 2.7
          },
          {
            "db": "BID",
            "id": "59194",
            "trust": 2.0
          },
          {
            "db": "USCERT",
            "id": "TA13-107A",
            "trust": 1.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201304-359",
            "trust": 0.6
          },
          {
            "db": "HITACHI",
            "id": "HS13-010",
            "trust": 0.3
          },
          {
            "db": "JUNIPER",
            "id": "JSA10642",
            "trust": 0.3
          },
          {
            "db": "JUNIPER",
            "id": "JSA10627",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-213-02",
            "trust": 0.3
          },
          {
            "db": "VULMON",
            "id": "CVE-2013-1537",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "123734",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "127267",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121631",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121703",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "123735",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121555",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121361",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2013-1537"
          },
          {
            "db": "BID",
            "id": "59194"
          },
          {
            "db": "PACKETSTORM",
            "id": "123734"
          },
          {
            "db": "PACKETSTORM",
            "id": "127267"
          },
          {
            "db": "PACKETSTORM",
            "id": "121631"
          },
          {
            "db": "PACKETSTORM",
            "id": "121703"
          },
          {
            "db": "PACKETSTORM",
            "id": "123735"
          },
          {
            "db": "PACKETSTORM",
            "id": "121555"
          },
          {
            "db": "PACKETSTORM",
            "id": "121361"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201304-359"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1537"
          }
        ]
      },
      "id": "VAR-201304-0300",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 1.0
      },
      "last_update_date": "2024-07-23T21:35:11.273000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "jre-7u21-linux-i586",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45704"
          },
          {
            "title": "jre-7u21-macosx-x64",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45708"
          },
          {
            "title": "jre-7u21-solaris-sparcv9",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45712"
          },
          {
            "title": "jre-7u21-windows-x64",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45716"
          },
          {
            "title": "jre-7u21-linux-i586",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45703"
          },
          {
            "title": "jre-7u21-macosx-x64",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45707"
          },
          {
            "title": "jre-7u21-solaris-sparc",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45711"
          },
          {
            "title": "jre-7u21-windows-i586",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45715"
          },
          {
            "title": "jre-7u21-linux-x64",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45706"
          },
          {
            "title": "jre-7u21-solaris-x64",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45710"
          },
          {
            "title": "jre-7u21-windows-i586",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45714"
          },
          {
            "title": "jre-7u21-linux-x64",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45705"
          },
          {
            "title": "jre-7u21-solaris-i586",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45709"
          },
          {
            "title": "jre-7u21-windows-i586-iftw",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45713"
          },
          {
            "title": "jre-7u21-windows-x64",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45717"
          },
          {
            "title": "Red Hat: CVE-2013-1537",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2013-1537"
          },
          {
            "title": "Red Hat: Important: java-1.6.0-openjdk security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20130770 - security advisory"
          },
          {
            "title": "Red Hat: Critical: java-1.7.0-openjdk security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20130751 - security advisory"
          },
          {
            "title": "Red Hat: Critical: java-1.6.0-ibm security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20130823 - security advisory"
          },
          {
            "title": "Red Hat: Critical: java-1.6.0-sun security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20130758 - security advisory"
          },
          {
            "title": "Red Hat: Important: java-1.7.0-openjdk security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20130752 - security advisory"
          },
          {
            "title": "Red Hat: Critical: java-1.7.0-oracle security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20130757 - security advisory"
          },
          {
            "title": "Ubuntu Security Notice: openjdk-7 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1806-1"
          },
          {
            "title": "Ubuntu Security Notice: openjdk-6 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1819-1"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2013-185",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2013-185"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2013-183",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2013-183"
          },
          {
            "title": "Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20131456 - security advisory"
          },
          {
            "title": "Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20131455 - security advisory"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2013-1537"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201304-359"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-1537"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
          },
          {
            "trust": 2.1,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952387"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-1455.html"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-1456.html"
          },
          {
            "trust": 1.8,
            "url": "https://wiki.mageia.org/en/support/advisories/mgasa-2013-0124"
          },
          {
            "trust": 1.8,
            "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-april/022796.html"
          },
          {
            "trust": 1.8,
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "trust": 1.8,
            "url": "http://www.securityfocus.com/bid/59194"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-1806-1"
          },
          {
            "trust": 1.7,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-0752.html"
          },
          {
            "trust": 1.7,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-0758.html"
          },
          {
            "trust": 1.7,
            "url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/096ed306159f"
          },
          {
            "trust": 1.7,
            "url": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html"
          },
          {
            "trust": 1.7,
            "url": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/"
          },
          {
            "trust": 1.7,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-0757.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/java/javase/7u21-relnotes-1932873.html#rmichanges"
          },
          {
            "trust": 1.7,
            "url": "http://www.security-explorations.com/en/se-2012-01-details.html"
          },
          {
            "trust": 1.7,
            "url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/f098e2297ff1"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html"
          },
          {
            "trust": 1.7,
            "url": "http://seclists.org/fulldisclosure/2013/feb/18"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00007.html"
          },
          {
            "trust": 1.7,
            "url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
          },
          {
            "trust": 1.7,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03898880"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2013:150"
          },
          {
            "trust": 1.7,
            "url": "http://www.us-cert.gov/ncas/alerts/ta13-107a"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2013/apr/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2013:145"
          },
          {
            "trust": 1.7,
            "url": "https://wiki.mageia.org/en/support/advisories/mgasa-2013-0130"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2013:161"
          },
          {
            "trust": 1.7,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19550"
          },
          {
            "trust": 1.7,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19385"
          },
          {
            "trust": 1.7,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16578"
          },
          {
            "trust": 0.6,
            "url": "https://downloads.avaya.com/css/p8/documents/100172168"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2419.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0401.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1569.html"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1557.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2429.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1537.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2432.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1491.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2383.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2424.html"
          },
          {
            "trust": 0.4,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2417.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2394.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2430.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2384.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0169.html"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2420.html"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1569"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0401"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2420"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2383"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1557"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2384"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2430"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2429"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2419"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1537"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2417"
          },
          {
            "trust": 0.3,
            "url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10627"
          },
          {
            "trust": 0.3,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10642\u0026cat=sirt_1\u0026actp=list"
          },
          {
            "trust": 0.3,
            "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#oracle_april_16_2013_cpu"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21649510"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640058"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034690"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034225"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-02"
          },
          {
            "trust": 0.3,
            "url": "http://prod.lists.apple.com/archives/security-announce/2013/apr/msg00001.html"
          },
          {
            "trust": 0.3,
            "url": "http://h20566.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?docid=emr_na-c03909126-1"
          },
          {
            "trust": 0.3,
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04126444"
          },
          {
            "trust": 0.3,
            "url": "http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.jz8iz8..t.d3wy.82bm.bw89mq%5f%5fcviafmb0"
          },
          {
            "trust": 0.3,
            "url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs13-010/index.html"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001531"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640206"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21637512"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640420"
          },
          {
            "trust": 0.3,
            "url": "https://downloads.avaya.com/css/p8/documents/100172158"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633170"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640763"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645096"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645100"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643544"
          },
          {
            "trust": 0.3,
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21649300"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644918"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647384"
          },
          {
            "trust": 0.3,
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21643697"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642358"
          },
          {
            "trust": 0.3,
            "url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004513"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21649318"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643618"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643513"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645425"
          },
          {
            "trust": 0.3,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00001.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1540.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2422.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2435.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2418.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1563.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2433.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2440.html"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2424"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2422"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2468.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1476.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2463.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2446.html"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/site/articles/11258"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1500.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0428.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1480.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2444.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0425.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2454.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5089.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1722.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5079.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0419.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1721.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5081.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0409.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5071.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0423.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1532.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-3216.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5069.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5084.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0443.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2451.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0809.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1487.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0351.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-4820.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0427.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0433.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1493.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5073.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-4823.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2456.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-3743.html"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/updates/classification/#low"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2407.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2470.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5068.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1541.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-4822.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-3159.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5075.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2471.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2443.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1713.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-3213.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0441.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2457.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2412.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5072.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1718.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0432.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0446.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1481.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1717.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1531.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2447.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2452.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0450.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2464.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1571.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1473.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-0547.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2465.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2472.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2466.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2453.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2473.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2437.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1716.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5083.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1533.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-3342.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0426.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2450.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-3143.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0440.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1725.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0445.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2455.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1682.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2442.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2459.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0442.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-0551.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0424.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2448.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-1719.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1486.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-2469.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0438.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1478.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0435.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0434.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1491"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0169"
          },
          {
            "trust": 0.2,
            "url": "https://www.ibm.com/developerworks/java/jdk/alerts/"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2394"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/knowledge/articles/11258"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2432"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1518"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2431"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2421"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2426"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1488"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2415"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2013-1537"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/1806-1/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-0873.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3548.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3521"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3556.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3563.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3546"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3551.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-0497.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-0500.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3389.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3561.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-0863.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-0499.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0862"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-0867.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-0507.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3552.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-0814.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3547.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3549"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-0503.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3554.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3549.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3553"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3516.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-0871.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3554"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-0868.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3389"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0873"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3548"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3521.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3551"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3547"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3553.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3545"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-0802.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-0865.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3516"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3545.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-0862.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3561"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3556"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3544.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0867"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-0506.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-0501.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0869"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3560.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3550"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3557.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0865"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-0502.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-0498.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3560"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3546.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3552"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3544"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-0869.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0863"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3550.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-5035.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3557"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-0505.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0871"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0868"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0802"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0814"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4470"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3562"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3567"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3568"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3541"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3566"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2783"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3564"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4465"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2548"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3554"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4469"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3569"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3573"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3548"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3549"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3565"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3860"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3574"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3553"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4450"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4467"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4448"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3561"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4351"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3551"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3557"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2440"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2435"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2418"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2013-0823.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2433"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1540"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1563"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2013-0855.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3342"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4823"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3143"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1541"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1719"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1533"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4822"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3216"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0547"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5068"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1725"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1532"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3213"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5069"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0551"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4820"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1717"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1722"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1716"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1718"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1531"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5071"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1713"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5072"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1682"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1721"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3159"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5073"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.5-0ubuntu0.10.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2436"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.5-0ubuntu0.11.10.1"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1558"
          },
          {
            "trust": 0.1,
            "url": "http://www.ubuntu.com/usn/usn-1819-1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.5-0ubuntu0.12.04.1"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2431"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2426"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2421"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1569"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2420"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1488"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1518"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2419"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2384"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2417"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0401"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2429"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1557"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2383"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1537"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2415"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2424"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2430"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2422"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2013-1537"
          },
          {
            "db": "BID",
            "id": "59194"
          },
          {
            "db": "PACKETSTORM",
            "id": "123734"
          },
          {
            "db": "PACKETSTORM",
            "id": "127267"
          },
          {
            "db": "PACKETSTORM",
            "id": "121631"
          },
          {
            "db": "PACKETSTORM",
            "id": "121703"
          },
          {
            "db": "PACKETSTORM",
            "id": "123735"
          },
          {
            "db": "PACKETSTORM",
            "id": "121555"
          },
          {
            "db": "PACKETSTORM",
            "id": "121361"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201304-359"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1537"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2013-1537"
          },
          {
            "db": "BID",
            "id": "59194"
          },
          {
            "db": "PACKETSTORM",
            "id": "123734"
          },
          {
            "db": "PACKETSTORM",
            "id": "127267"
          },
          {
            "db": "PACKETSTORM",
            "id": "121631"
          },
          {
            "db": "PACKETSTORM",
            "id": "121703"
          },
          {
            "db": "PACKETSTORM",
            "id": "123735"
          },
          {
            "db": "PACKETSTORM",
            "id": "121555"
          },
          {
            "db": "PACKETSTORM",
            "id": "121361"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201304-359"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1537"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-04-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2013-1537"
          },
          {
            "date": "2013-04-16T00:00:00",
            "db": "BID",
            "id": "59194"
          },
          {
            "date": "2013-10-23T22:57:57",
            "db": "PACKETSTORM",
            "id": "123734"
          },
          {
            "date": "2014-06-30T23:39:28",
            "db": "PACKETSTORM",
            "id": "127267"
          },
          {
            "date": "2013-05-14T20:49:34",
            "db": "PACKETSTORM",
            "id": "121631"
          },
          {
            "date": "2013-05-23T00:42:44",
            "db": "PACKETSTORM",
            "id": "121703"
          },
          {
            "date": "2013-10-23T22:58:21",
            "db": "PACKETSTORM",
            "id": "123735"
          },
          {
            "date": "2013-05-07T20:22:00",
            "db": "PACKETSTORM",
            "id": "121555"
          },
          {
            "date": "2013-04-19T19:11:00",
            "db": "PACKETSTORM",
            "id": "121361"
          },
          {
            "date": "2013-04-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201304-359"
          },
          {
            "date": "2013-04-17T18:55:06.570000",
            "db": "NVD",
            "id": "CVE-2013-1537"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-09-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2013-1537"
          },
          {
            "date": "2017-08-11T20:11:00",
            "db": "BID",
            "id": "59194"
          },
          {
            "date": "2022-05-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201304-359"
          },
          {
            "date": "2022-05-13T14:52:55.417000",
            "db": "NVD",
            "id": "CVE-2013-1537"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201304-359"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Oracle Java SE JRE Unknown security vulnerability",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201304-359"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Unknown",
        "sources": [
          {
            "db": "BID",
            "id": "59194"
          }
        ],
        "trust": 0.3
      }
    }

    VAR-200810-0141

    Vulnerability from variot - Updated: 2024-07-23 21:33

    Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-007. The security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. NOTE: This BID is being retired; the following individual records have been created to better document these issues: 31716 Apple Script Editor Unspecified Insecure Temporary File Creation Vulnerability 31718 Apple Mac OS X Server Weblog Access Control List Security Bypass Vulnerability 31708 Apple Mac OS X 'hosts.equiv' Security Bypass Vulnerability 31721 Apple Mac OS X 10.5 Postfix Security Bypass Vulnerability 31719 Apple PSNormalizer PostScript Buffer Overflow Vulnerability 31711 Apple Mac OS X 'configd' EAPOLController Plugin Local Heap Based Buffer Overflow Vulnerability 31715 Apple Mac OS X ColorSync ICC Profile Remote Buffer Overflow Vulnerability 31720 Apple Finder Denial of Service Vulnerability 31707 Apple OS X QuickLook Excel File Integer Overflow Vulnerability 31688 CUPS 'HP-GL/2' Filter Remote Code Execution Vulnerability 31722 Apple Mac OS X 10.5 'launchd' Unspecified Security Bypass Vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected software or to obtain SYSTEM-level privileges. Failed attempts will cause denial-of-service conditions. Local or remote attackers may exploit these vulnerabilities to cause multiple threats. Malicious files may cause Finder to terminate unexpectedly when generating icons, and Finder will continue to restart and termination. Until this file is deleted, the user account cannot be accessed through the Finder user interface.


    Bist Du interessiert an einem neuen Job in IT-Sicherheit?

    Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/


    TITLE: phpPgAds XML-RPC PHP Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA15884

    VERIFY ADVISORY: http://secunia.com/advisories/15884/

    CRITICAL: Highly critical

    IMPACT: System access

    WHERE:

    From remote

    SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/

    DESCRIPTION: A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system.

    For more information: SA15852

    SOLUTION: Update to version 2.0.5. http://sourceforge.net/project/showfiles.php?group_id=36679

    OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200810-0141",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.5"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.4.11"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.5"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.4.11"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "drupal",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pear xml rpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpxmlrpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postnuke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "serendipity",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wordpress",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xoops",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpmyfaq",
            "version": null
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.5"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.5"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.11"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "BID",
            "id": "31711"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001814"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-163"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3645"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-3645"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "regenrechtSergio AlvarezRalf Meyer",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-163"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-3645",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": true,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 7.2,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2008-3645",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-33770",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2008-3645",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#442845",
                "trust": 0.8,
                "value": "20.75"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200810-163",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-33770",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33770"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001814"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-163"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3645"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-007. \nThe security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. \nNOTE: This BID is being retired; the following individual records have been created to better document these issues:\n31716 Apple Script Editor Unspecified Insecure Temporary File Creation Vulnerability\n31718 Apple Mac OS X Server Weblog Access Control List Security Bypass Vulnerability\n31708 Apple Mac OS X \u0027hosts.equiv\u0027 Security Bypass Vulnerability\n31721 Apple Mac OS X 10.5 Postfix Security Bypass Vulnerability\n31719 Apple PSNormalizer PostScript Buffer Overflow Vulnerability\n31711 Apple Mac OS X \u0027configd\u0027 EAPOLController Plugin Local Heap Based Buffer Overflow Vulnerability\n31715 Apple Mac OS X ColorSync ICC Profile Remote Buffer Overflow Vulnerability\n31720 Apple Finder Denial of Service Vulnerability\n31707 Apple OS X QuickLook Excel File Integer Overflow Vulnerability\n31688 CUPS \u0027HP-GL/2\u0027 Filter Remote Code Execution Vulnerability\n31722 Apple Mac OS X 10.5 \u0027launchd\u0027 Unspecified Security Bypass Vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the affected software or to obtain SYSTEM-level privileges. Failed attempts will cause denial-of-service conditions. Local or remote attackers may exploit these vulnerabilities to cause multiple threats. Malicious files may cause Finder to terminate unexpectedly when generating icons, and Finder will continue to restart and termination. Until this file is deleted, the user account cannot be accessed through the Finder user interface. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nphpPgAds XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15884\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15884/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nphpPgAds 2.x\nhttp://secunia.com/product/4577/\n\nDESCRIPTION:\nA vulnerability has been reported in phpPgAds, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 2.0.5. \nhttp://sourceforge.net/project/showfiles.php?group_id=36679\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-3645"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001814"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "BID",
            "id": "31711"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33770"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          }
        ],
        "trust": 3.06
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-3645",
            "trust": 3.1
          },
          {
            "db": "BID",
            "id": "31711",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "32222",
            "trust": 2.5
          },
          {
            "db": "BID",
            "id": "31681",
            "trust": 2.0
          },
          {
            "db": "SECTRACK",
            "id": "1021025",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2780",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "45781",
            "trust": 1.4
          },
          {
            "db": "SECUNIA",
            "id": "15884",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "15810",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15922",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15852",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15855",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15861",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15862",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15872",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15883",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15895",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14088",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014327",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001814",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-163",
            "trust": 0.7
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-10-09",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-33770",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "38390",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33770"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "BID",
            "id": "31711"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001814"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-163"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3645"
          }
        ]
      },
      "id": "VAR-200810-0141",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33770"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-07-23T21:33:22.791000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HT3216",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3216"
          },
          {
            "title": "HT3216",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3216?viewlocale=ja_jp"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001814"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33770"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001814"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3645"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/31711"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/32222"
          },
          {
            "trust": 2.3,
            "url": "http://support.apple.com/kb/ht3216"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2008/oct/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/31681"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id?1021025"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2008/2780"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/45781"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2780"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45781"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15884/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15852/"
          },
          {
            "trust": 0.8,
            "url": "http://www.hardened-php.net/advisory-022005.php"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15861/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15862/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15895/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15883/"
          },
          {
            "trust": 0.8,
            "url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15855/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15810/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15872/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15922/"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14088"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3645"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3645"
          },
          {
            "trust": 0.6,
            "url": "http://www.apple.com/macosx/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4577/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_vacancies/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=36679"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33770"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "BID",
            "id": "31711"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001814"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-163"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3645"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33770"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "BID",
            "id": "31711"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001814"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-163"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3645"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2005-07-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2008-10-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-33770"
          },
          {
            "date": "2008-10-09T00:00:00",
            "db": "BID",
            "id": "31681"
          },
          {
            "date": "2008-10-09T00:00:00",
            "db": "BID",
            "id": "31711"
          },
          {
            "date": "2008-11-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001814"
          },
          {
            "date": "2005-07-01T23:31:00",
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "date": "2007-05-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200810-163"
          },
          {
            "date": "2008-10-10T10:30:04.967000",
            "db": "NVD",
            "id": "CVE-2008-3645"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2007-03-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2017-08-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-33770"
          },
          {
            "date": "2009-03-24T16:56:00",
            "db": "BID",
            "id": "31681"
          },
          {
            "date": "2008-10-15T16:17:00",
            "db": "BID",
            "id": "31711"
          },
          {
            "date": "2008-11-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001814"
          },
          {
            "date": "2009-02-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200810-163"
          },
          {
            "date": "2017-08-08T01:32:03.030000",
            "db": "NVD",
            "id": "CVE-2008-3645"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "BID",
            "id": "31711"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-163"
          }
        ],
        "trust": 0.9
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple PHP XML-RPC implementations vulnerable to code injection",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-163"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200809-0013

    Vulnerability from variot - Updated: 2024-07-23 21:30

    Network Preferences in Apple Mac OS X 10.4.11 stores PPP passwords in cleartext in a world-readable file, which allows local users to obtain sensitive information by reading this file. Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. The security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues.


    Bist Du interessiert an einem neuen Job in IT-Sicherheit?

    Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/


    TITLE: phpPgAds XML-RPC PHP Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA15884

    VERIFY ADVISORY: http://secunia.com/advisories/15884/

    CRITICAL: Highly critical

    IMPACT: System access

    WHERE:

    From remote

    SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/

    DESCRIPTION: A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system.

    For more information: SA15852

    SOLUTION: Update to version 2.0.5. http://sourceforge.net/project/showfiles.php?group_id=36679

    OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200809-0013",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.4.11"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.4.11"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "drupal",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pear xml rpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpxmlrpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postnuke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "serendipity",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wordpress",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xoops",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpmyfaq",
            "version": null
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "ilife",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.0"
          },
          {
            "model": "aperture",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2"
          },
          {
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "ilife support",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.3.1"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001725"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-208"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2312"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-2312"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Pete Finnigan\u203b pete@peterfinnigan.demon.co.uk\u203bEsteban Martinez FayoJoxean Koret\u203b joxeankoret@yahoo.es\u203bAlexander Kornbrust\u203b ak@red-database-security.com\u203bAmichai Shulman\u203b shulman@imperva.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-208"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-2312",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.9,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2008-2312",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-32437",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2008-2312",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#126787",
                "trust": 0.8,
                "value": "1.01"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#442845",
                "trust": 0.8,
                "value": "20.75"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200809-208",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-32437",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32437"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001725"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-208"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2312"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Network Preferences in Apple Mac OS X 10.4.11 stores PPP passwords in cleartext in a world-readable file, which allows local users to obtain sensitive information by reading this file. Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. \nThe security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nphpPgAds XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15884\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15884/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nphpPgAds 2.x\nhttp://secunia.com/product/4577/\n\nDESCRIPTION:\nA vulnerability has been reported in phpPgAds, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 2.0.5. \nhttp://sourceforge.net/project/showfiles.php?group_id=36679\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-2312"
          },
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001725"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32437"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          }
        ],
        "trust": 3.51
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "31189",
            "trust": 2.8
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2312",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "31882",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1020881",
            "trust": 2.5
          },
          {
            "db": "USCERT",
            "id": "TA08-260A",
            "trust": 2.5
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2584",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "45173",
            "trust": 1.4
          },
          {
            "db": "CERT/CC",
            "id": "VU#126787",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "15884",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "15810",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15922",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15852",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15855",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15861",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15862",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15872",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15883",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15895",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14088",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014327",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA08-260A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001725",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "TA08-260A",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-09-15",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-208",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-32437",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "38390",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32437"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001725"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-208"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2312"
          }
        ]
      },
      "id": "VAR-200809-0013",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-32437"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-07-23T21:30:24.177000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Update 2008-006",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3137"
          },
          {
            "title": "Security Update 2008-006",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3137?viewlocale=ja_jp"
          },
          {
            "title": "TA08-260A",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta08-260a.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001725"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-255",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-32437"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001725"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2312"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/31189"
          },
          {
            "trust": 2.5,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-260a.html"
          },
          {
            "trust": 2.5,
            "url": "http://securitytracker.com/id?1020881"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/31882"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2008/2584"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/45173"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2584"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45173"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15884/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15852/"
          },
          {
            "trust": 0.8,
            "url": "about vulnerability notes"
          },
          {
            "trust": 0.8,
            "url": "contact us about this vulnerability"
          },
          {
            "trust": 0.8,
            "url": "provide a vendor statement"
          },
          {
            "trust": 0.8,
            "url": "http://www.hardened-php.net/advisory-022005.php"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15861/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15862/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15895/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15883/"
          },
          {
            "trust": 0.8,
            "url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15855/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15810/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15872/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15922/"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14088"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2312"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta08-260a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta08-260a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2312"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa08-260a.html"
          },
          {
            "trust": 0.3,
            "url": "http://support.apple.com/kb/ht3137"
          },
          {
            "trust": 0.3,
            "url": "http://www.apple.com/macosx/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/126787"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4577/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_vacancies/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=36679"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32437"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001725"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-208"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2312"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32437"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001725"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-208"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2312"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-09-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "date": "2005-07-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2008-09-16T00:00:00",
            "db": "VULHUB",
            "id": "VHN-32437"
          },
          {
            "date": "2008-09-15T00:00:00",
            "db": "BID",
            "id": "31189"
          },
          {
            "date": "2008-10-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001725"
          },
          {
            "date": "2005-07-01T23:31:00",
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "date": "2008-09-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-208"
          },
          {
            "date": "2008-09-16T23:00:00.930000",
            "db": "NVD",
            "id": "CVE-2008-2312"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-10-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "date": "2007-03-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2017-08-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-32437"
          },
          {
            "date": "2008-11-13T22:34:00",
            "db": "BID",
            "id": "31189"
          },
          {
            "date": "2008-10-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001725"
          },
          {
            "date": "2008-11-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-208"
          },
          {
            "date": "2017-08-08T01:30:56.480000",
            "db": "NVD",
            "id": "CVE-2008-2312"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-208"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Apple Mac OS X file sharing allows authenticated remote access to files and directories",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "trust management",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-208"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200809-0402

    Vulnerability from variot - Updated: 2024-07-23 21:29

    Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to execute arbitrary code via a document containing a crafted font, related to "PostScript font names.". Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. The security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues.


    Bist Du interessiert an einem neuen Job in IT-Sicherheit?

    Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/


    TITLE: Nucleus XML-RPC PHP Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA15895

    VERIFY ADVISORY: http://secunia.com/advisories/15895/

    CRITICAL: Highly critical

    IMPACT: System access

    WHERE:

    From remote

    SOFTWARE: Nucleus 3.x http://secunia.com/product/3699/

    DESCRIPTION: A vulnerability has been reported in Nucleus, which can be exploited by malicious people to compromise a vulnerable system.

    For more information: SA15852

    SOLUTION: Update to version 3.21. http://sourceforge.net/project/showfiles.php?group_id=66479

    OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200809-0402",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.4"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.2"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.1"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.4.11"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.2"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.1"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.4"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.3"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.5.3"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.4.11"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.5"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "drupal",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pear xml rpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpxmlrpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postnuke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "serendipity",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wordpress",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xoops",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpmyfaq",
            "version": null
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5 to  v10.5.4"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5 to  v10.5.4"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "ilife",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.0"
          },
          {
            "model": "aperture",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2"
          },
          {
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "ilife support",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.3.1"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001711"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-207"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2305"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-2305"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Pete Finnigan\u203b pete@peterfinnigan.demon.co.uk\u203bEsteban Martinez FayoJoxean Koret\u203b joxeankoret@yahoo.es\u203bAlexander Kornbrust\u203b ak@red-database-security.com\u203bAmichai Shulman\u203b shulman@imperva.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-207"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-2305",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": true,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.3,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2008-2305",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "VHN-32430",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2008-2305",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#126787",
                "trust": 0.8,
                "value": "1.01"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#442845",
                "trust": 0.8,
                "value": "20.75"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200809-207",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-32430",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32430"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001711"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-207"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2305"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to execute arbitrary code via a document containing a crafted font, related to \"PostScript font names.\". Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. \nThe security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nNucleus XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15895\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15895/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nNucleus 3.x\nhttp://secunia.com/product/3699/\n\nDESCRIPTION:\nA vulnerability has been reported in Nucleus, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 3.21. \nhttp://sourceforge.net/project/showfiles.php?group_id=66479\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-2305"
          },
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001711"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32430"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          }
        ],
        "trust": 3.51
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-2305",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "31189",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "31882",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1020873",
            "trust": 2.5
          },
          {
            "db": "USCERT",
            "id": "TA08-260A",
            "trust": 2.5
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2584",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "45162",
            "trust": 1.4
          },
          {
            "db": "CERT/CC",
            "id": "VU#126787",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "15895",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "15810",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15922",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15852",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15855",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15861",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15862",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15872",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15883",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15884",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14088",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014327",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA08-260A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001711",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "TA08-260A",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-09-15",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-207",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-32430",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "38388",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32430"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001711"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-207"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2305"
          }
        ]
      },
      "id": "VAR-200809-0402",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-32430"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-07-23T21:29:26.389000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Update 2008-006",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3137"
          },
          {
            "title": "Security Update 2008-006",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht3137?viewlocale=ja_jp"
          },
          {
            "title": "TA08-260A",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta08-260a.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001711"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-32430"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001711"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2305"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/31189"
          },
          {
            "trust": 2.5,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-260a.html"
          },
          {
            "trust": 2.5,
            "url": "http://securitytracker.com/id?1020873"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/31882"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2008/2584"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/45162"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2584"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45162"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15895/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15852/"
          },
          {
            "trust": 0.8,
            "url": "about vulnerability notes"
          },
          {
            "trust": 0.8,
            "url": "contact us about this vulnerability"
          },
          {
            "trust": 0.8,
            "url": "provide a vendor statement"
          },
          {
            "trust": 0.8,
            "url": "http://www.hardened-php.net/advisory-022005.php"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15861/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15862/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15884/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15883/"
          },
          {
            "trust": 0.8,
            "url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15855/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15810/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15872/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15922/"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14088"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2305"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta08-260a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta08-260a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2305"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa08-260a.html"
          },
          {
            "trust": 0.3,
            "url": "http://support.apple.com/kb/ht3137"
          },
          {
            "trust": 0.3,
            "url": "http://www.apple.com/macosx/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/126787"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/3699/"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=66479"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_vacancies/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32430"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001711"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-207"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2305"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32430"
          },
          {
            "db": "BID",
            "id": "31189"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001711"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-207"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2305"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-09-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "date": "2005-07-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2008-09-16T00:00:00",
            "db": "VULHUB",
            "id": "VHN-32430"
          },
          {
            "date": "2008-09-15T00:00:00",
            "db": "BID",
            "id": "31189"
          },
          {
            "date": "2008-10-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001711"
          },
          {
            "date": "2005-07-01T23:31:00",
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "date": "2008-09-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-207"
          },
          {
            "date": "2008-09-16T23:00:00.897000",
            "db": "NVD",
            "id": "CVE-2008-2305"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-10-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#126787"
          },
          {
            "date": "2007-03-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2017-08-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-32430"
          },
          {
            "date": "2008-11-13T22:34:00",
            "db": "BID",
            "id": "31189"
          },
          {
            "date": "2008-10-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001711"
          },
          {
            "date": "2008-11-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-207"
          },
          {
            "date": "2017-08-08T01:30:56.167000",
            "db": "NVD",
            "id": "CVE-2008-2305"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-207"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Apple Mac OS X file sharing allows authenticated remote access to files and directories",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#126787"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-207"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200806-0425

    Vulnerability from variot - Updated: 2024-07-23 21:29

    Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors involving JavaScript arrays that trigger memory corruption. The Apple Webkit contains a memory corruption vulnerability.This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Apple Safari WebKit is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks when handling user-supplied input. Failed exploit attempts will result in a denial-of-service condition. Safari is the web browser bundled by default in the Apple family operating system. Safari's WebKit has a buffer overflow vulnerability when processing JavaScript arrays. If the user is tricked into visiting a malicious site, this overflow can be triggered, resulting in denial of service or execution of arbitrary instructions.


    Bist Du interessiert an einem neuen Job in IT-Sicherheit?

    Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/


    TITLE: phpPgAds XML-RPC PHP Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA15884

    VERIFY ADVISORY: http://secunia.com/advisories/15884/

    CRITICAL: Highly critical

    IMPACT: System access

    WHERE:

    From remote

    SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/

    DESCRIPTION: A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system.

    For more information: SA15852

    SOLUTION: Update to version 2.0.5. http://sourceforge.net/project/showfiles.php?group_id=36679

    OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200806-0425",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "safari",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.0.4"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.0"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "drupal",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pear xml rpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpxmlrpc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postnuke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "serendipity",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wordpress",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xoops",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpmyfaq",
            "version": null
          },
          {
            "model": "mac os x",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "10.5.4"
          },
          {
            "model": "mac os x server",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "10.5.4"
          },
          {
            "model": "iphone",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "model": "ipod touch",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "model": "safari",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "for windows 3.1.2"
          },
          {
            "model": "windows vista",
            "scope": null,
            "trust": 0.6,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": "windows xp",
            "scope": null,
            "trust": 0.6,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": "open source project webkit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "webkit",
            "version": "0"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.4"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.4"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.3"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.2"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.1"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.4"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.3"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.2"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0.2"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "safari for windows",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.2"
          },
          {
            "model": "safari",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.2"
          },
          {
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "ipod touch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "model": "iphone",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#361043"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "BID",
            "id": "29836"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001468"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-302"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2307"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "10.5.3",
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:macbook:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:macbook_pro:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:mac_mini:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.2:2008-002:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:a:apple:safari:3.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "3.1.1",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-2307"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "James Urquhart",
        "sources": [
          {
            "db": "BID",
            "id": "29836"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-302"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2008-2307",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": true,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "IPA",
                "availabilityImpact": "Complete",
                "baseScore": 9.3,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2008-001468",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "VHN-32432",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2008-2307",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#361043",
                "trust": 0.8,
                "value": "10.33"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#442845",
                "trust": 0.8,
                "value": "20.75"
              },
              {
                "author": "IPA",
                "id": "JVNDB-2008-001468",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200806-302",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-32432",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#361043"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32432"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001468"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-302"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2307"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors involving JavaScript arrays that trigger memory corruption. The Apple Webkit contains a memory corruption vulnerability.This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Apple Safari WebKit is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks when handling user-supplied input.  Failed exploit attempts will result in a denial-of-service condition. Safari is the web browser bundled by default in the Apple family operating system. Safari\u0027s WebKit has a buffer overflow vulnerability when processing JavaScript arrays. If the user is tricked into visiting a malicious site, this overflow can be triggered, resulting in denial of service or execution of arbitrary instructions. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nphpPgAds XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15884\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15884/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nphpPgAds 2.x\nhttp://secunia.com/product/4577/\n\nDESCRIPTION:\nA vulnerability has been reported in phpPgAds, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 2.0.5. \nhttp://sourceforge.net/project/showfiles.php?group_id=36679\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-2307"
          },
          {
            "db": "CERT/CC",
            "id": "VU#361043"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001468"
          },
          {
            "db": "BID",
            "id": "29836"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32432"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          }
        ],
        "trust": 3.51
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#361043",
            "trust": 2.8
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2307",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "29836",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "31074",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "30801",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "30775",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "30992",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1020330",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2094",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1980",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1882",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1981",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "15884",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "15810",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15922",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15852",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15855",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15861",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15862",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15872",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15883",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15895",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14088",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014327",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001468",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-302",
            "trust": 0.7
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-07-11",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-06-30",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-06-19",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2008-6220",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2008-6186",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-32432",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "38390",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#361043"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32432"
          },
          {
            "db": "BID",
            "id": "29836"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001468"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-302"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2307"
          }
        ]
      },
      "id": "VAR-200806-0425",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-32432"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-07-23T21:29:05.522000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Update 2008-004",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht2163"
          },
          {
            "title": "Safari 3.1.2 for Mac OS X 10.4.11",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht2165"
          },
          {
            "title": "iPhone v2.0 and iPod touch v2.0",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht2351"
          },
          {
            "title": "Safari 3.1.2 for Windows",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht2092"
          },
          {
            "title": "iPhone v2.0 and iPod touch v2.0",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/ht2351?viewlocale=ja_jp\u0026locale=ja_jp"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001468"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-399",
            "trust": 1.9
          },
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-noinfo",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-32432"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001468"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2307"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.8,
            "url": "http://support.apple.com/kb/ht2165"
          },
          {
            "trust": 2.8,
            "url": "http://support.apple.com/kb/ht2163"
          },
          {
            "trust": 2.5,
            "url": "http://support.apple.com/kb/ht2092"
          },
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/29836"
          },
          {
            "trust": 2.0,
            "url": "http://www.kb.cert.org/vuls/id/361043"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2008//jun/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2008//jun/msg00003.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2008//jul/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00279.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00319.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id?1020330"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/30775"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/30801"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/30992"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/31074"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1882/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1980"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1981/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2094/references"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15884/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15852/"
          },
          {
            "trust": 0.8,
            "url": "http://lists.apple.com/archives/security-announce/2008/jun/msg00001.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.hardened-php.net/advisory-022005.php"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15861/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15862/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15895/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15883/"
          },
          {
            "trust": 0.8,
            "url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15855/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15810/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15872/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15922/"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14088"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2307"
          },
          {
            "trust": 0.8,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2307"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/2094/references"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/1981/references"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/1980"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/1882/references"
          },
          {
            "trust": 0.3,
            "url": "http://www.apple.com/safari/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4577/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_vacancies/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=36679"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#361043"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32432"
          },
          {
            "db": "BID",
            "id": "29836"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001468"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-302"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2307"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#361043"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-32432"
          },
          {
            "db": "BID",
            "id": "29836"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001468"
          },
          {
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-302"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-2307"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-07-01T00:00:00",
            "db": "CERT/CC",
            "id": "VU#361043"
          },
          {
            "date": "2005-07-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2008-06-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-32432"
          },
          {
            "date": "2008-06-19T00:00:00",
            "db": "BID",
            "id": "29836"
          },
          {
            "date": "2008-07-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001468"
          },
          {
            "date": "2005-07-01T23:31:00",
            "db": "PACKETSTORM",
            "id": "38390"
          },
          {
            "date": "2008-06-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200806-302"
          },
          {
            "date": "2008-06-23T20:41:00",
            "db": "NVD",
            "id": "CVE-2008-2307"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-07-01T00:00:00",
            "db": "CERT/CC",
            "id": "VU#361043"
          },
          {
            "date": "2007-03-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "date": "2011-03-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-32432"
          },
          {
            "date": "2015-05-07T17:08:00",
            "db": "BID",
            "id": "29836"
          },
          {
            "date": "2008-07-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001468"
          },
          {
            "date": "2008-09-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200806-302"
          },
          {
            "date": "2011-03-15T04:00:00",
            "db": "NVD",
            "id": "CVE-2008-2307"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-302"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Apple Safari contains a memory corruption issue in the handling of JavaScript arrays by WebKit",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#361043"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-302"
          }
        ],
        "trust": 0.6
      }
    }