Vulnerability-Lookup

CVE-2010-4494 (GCVE-0-2010-4494)

Vulnerability from cvelistv5 – Published: 2010-12-07 20:00 – Updated: 2024-08-07 03:51

Summary

Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

26 references

URL	Tags
http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
http://secunia.com/advisories/40775	third-party-advisoryx_refsource_SECUNIA
http://support.apple.com/kb/HT4564	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2010/3336	vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2011/0230	vdb-entryx_refsource_VUPEN
http://www.debian.org/security/2010/dsa-2137	vendor-advisoryx_refsource_DEBIAN
http://rhn.redhat.com/errata/RHSA-2013-0217.html	vendor-advisoryx_refsource_REDHAT
http://support.apple.com/kb/HT4566	x_refsource_CONFIRM
http://secunia.com/advisories/42721	third-party-advisoryx_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-17…	vendor-advisoryx_refsource_REDHAT
http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
http://www.openoffice.org/security/cves/CVE-2010-…	x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
http://secunia.com/advisories/42472	third-party-advisoryx_refsource_SECUNIA
http://code.google.com/p/chromium/issues/detail?i…	x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://support.apple.com/kb/HT4554	x_refsource_CONFIRM
http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
http://secunia.com/advisories/42762	third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/3319	vdb-entryx_refsource_VUPEN
http://marc.info/?l=bugtraq&m=139447903326211&w=2	vendor-advisoryx_refsource_HP
http://googlechromereleases.blogspot.com/2010/12/…	x_refsource_CONFIRM
http://support.apple.com/kb/HT4581	x_refsource_CONFIRM

Date Public ?

2010-12-02 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:51:17.159Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2010:260",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:260"
          },
          {
            "name": "40775",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40775"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4564"
          },
          {
            "name": "ADV-2010-3336",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3336"
          },
          {
            "name": "ADV-2011-0230",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0230"
          },
          {
            "name": "DSA-2137",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2137"
          },
          {
            "name": "RHSA-2013:0217",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4566"
          },
          {
            "name": "42721",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42721"
          },
          {
            "name": "RHSA-2011:1749",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
          },
          {
            "name": "APPLE-SA-2011-03-21-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
          },
          {
            "name": "SUSE-SR:2011:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
          },
          {
            "name": "APPLE-SA-2011-03-02-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html"
          },
          {
            "name": "FEDORA-2011-2697",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055775.html"
          },
          {
            "name": "APPLE-SA-2011-03-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
          },
          {
            "name": "42472",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42472"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=63444"
          },
          {
            "name": "oval:org.mitre.oval:def:11916",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11916"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4554"
          },
          {
            "name": "APPLE-SA-2011-03-09-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
          },
          {
            "name": "42762",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42762"
          },
          {
            "name": "ADV-2010-3319",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3319"
          },
          {
            "name": "HPSBGN02970",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4581"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-12-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MDVSA-2010:260",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:260"
        },
        {
          "name": "40775",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40775"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4564"
        },
        {
          "name": "ADV-2010-3336",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3336"
        },
        {
          "name": "ADV-2011-0230",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0230"
        },
        {
          "name": "DSA-2137",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2137"
        },
        {
          "name": "RHSA-2013:0217",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4566"
        },
        {
          "name": "42721",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42721"
        },
        {
          "name": "RHSA-2011:1749",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
        },
        {
          "name": "APPLE-SA-2011-03-21-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
        },
        {
          "name": "SUSE-SR:2011:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
        },
        {
          "name": "APPLE-SA-2011-03-02-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html"
        },
        {
          "name": "FEDORA-2011-2697",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055775.html"
        },
        {
          "name": "APPLE-SA-2011-03-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
        },
        {
          "name": "42472",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42472"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=63444"
        },
        {
          "name": "oval:org.mitre.oval:def:11916",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11916"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4554"
        },
        {
          "name": "APPLE-SA-2011-03-09-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
        },
        {
          "name": "42762",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42762"
        },
        {
          "name": "ADV-2010-3319",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3319"
        },
        {
          "name": "HPSBGN02970",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4581"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-4494",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2010:260",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:260"
            },
            {
              "name": "40775",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40775"
            },
            {
              "name": "http://support.apple.com/kb/HT4564",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4564"
            },
            {
              "name": "ADV-2010-3336",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/3336"
            },
            {
              "name": "ADV-2011-0230",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0230"
            },
            {
              "name": "DSA-2137",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2010/dsa-2137"
            },
            {
              "name": "RHSA-2013:0217",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4566",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4566"
            },
            {
              "name": "42721",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42721"
            },
            {
              "name": "RHSA-2011:1749",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
            },
            {
              "name": "APPLE-SA-2011-03-21-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
            },
            {
              "name": "SUSE-SR:2011:005",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
            },
            {
              "name": "APPLE-SA-2011-03-02-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
            },
            {
              "name": "http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html",
              "refsource": "CONFIRM",
              "url": "http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html"
            },
            {
              "name": "FEDORA-2011-2697",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055775.html"
            },
            {
              "name": "APPLE-SA-2011-03-09-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
            },
            {
              "name": "42472",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42472"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=63444",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=63444"
            },
            {
              "name": "oval:org.mitre.oval:def:11916",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11916"
            },
            {
              "name": "http://support.apple.com/kb/HT4554",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4554"
            },
            {
              "name": "APPLE-SA-2011-03-09-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
            },
            {
              "name": "42762",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42762"
            },
            {
              "name": "ADV-2010-3319",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/3319"
            },
            {
              "name": "HPSBGN02970",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4581",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4581"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-4494",
    "datePublished": "2010-12-07T20:00:00.000Z",
    "dateReserved": "2010-12-07T00:00:00.000Z",
    "dateUpdated": "2024-08-07T03:51:17.159Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2010-4494",
      "date": "2026-05-19",
      "epss": "0.01435",
      "percentile": "0.80902"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.0.552.215\", \"matchCriteriaId\": \"40840023-4BC8-457F-9AB1-F2185FF860F0\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.7.8\", \"matchCriteriaId\": \"D345382F-517F-4829-99AA-D70F5EAFF2A7\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.2\", \"matchCriteriaId\": \"BE850901-4B2A-4C98-836A-40683CB02FB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"5.0.4\", \"matchCriteriaId\": \"57A2B591-583F-4644-A900-4890FEFEE18C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.3.0\", \"matchCriteriaId\": \"E249C2A3-F54C-427A-A531-F6271585103A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.6.7\", \"matchCriteriaId\": \"8D31E3CC-42EA-4519-9077-5C43473CE7C2\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5646FDE9-CF21-46A9-B89D-F5BBDB4249AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"F691F4E7-2FF1-4EFB-B21F-E510049A9940\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDE52846-24EC-4068-B788-EC7F915FFF11\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8382A145-CDD9-437E-9DE7-A349956778B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BBCD86A-E6C7-4444-9D74-F861084090F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C757774-08E7-40AA-B532-6F705C8F7639\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"036E8A89-7A16-411F-9D31-676313BB7244\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:insight_control_server_deployment:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A768D5B-CD66-4157-953A-FAB0C06EEAF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:rapid_deployment_pack:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7859B530-9354-44D0-9449-31DF59823144\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.1.0\", \"versionEndIncluding\": \"2.4.3\", \"matchCriteriaId\": \"857BB5B1-2AA2-4A40-8D99-E75C46BA0853\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.0.0\", \"versionEndExcluding\": \"3.3.0\", \"matchCriteriaId\": \"53828E32-51DB-4C44-8CE2-5B056C3D67F2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de liberaci\\u00f3n doble en libxml2 2.7.8 y otras versiones, tal como se utiliza en Google Chrome en versiones anteriores a 8.0.552.215 y otros productos, permite a atacantes remotos provocar una denegaci\\u00f3n de servicio o posiblemente tener otro impacto no especificado a trav\\u00e9s de vectores relacionados con el manejo de XPath.\"}]",
      "id": "CVE-2010-4494",
      "lastModified": "2024-11-21T01:21:04.470",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2010-12-07T21:00:09.720",
      "references": "[{\"url\": \"http://code.google.com/p/chromium/issues/detail?id=63444\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055775.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-0217.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/40775\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/42472\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/42721\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/42762\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT4554\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT4564\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT4566\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://support.apple.com/kb/HT4581\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2010/dsa-2137\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:260\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-1749.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3319\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3336\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0230\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11916\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://code.google.com/p/chromium/issues/detail?id=63444\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055775.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-0217.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/40775\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/42472\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/42721\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/42762\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT4554\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT4564\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT4566\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://support.apple.com/kb/HT4581\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2010/dsa-2137\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:260\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-1749.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3319\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3336\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0230\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11916\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-415\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-4494\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2010-12-07T21:00:09.720\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de liberaci\u00f3n doble en libxml2 2.7.8 y otras versiones, tal como se utiliza en Google Chrome en versiones anteriores a 8.0.552.215 y otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado a trav\u00e9s de vectores relacionados con el manejo de XPath.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-415\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.0.552.215\",\"matchCriteriaId\":\"40840023-4BC8-457F-9AB1-F2185FF860F0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.7.8\",\"matchCriteriaId\":\"D345382F-517F-4829-99AA-D70F5EAFF2A7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2\",\"matchCriteriaId\":\"BE850901-4B2A-4C98-836A-40683CB02FB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.0.4\",\"matchCriteriaId\":\"57A2B591-583F-4644-A900-4890FEFEE18C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.3.0\",\"matchCriteriaId\":\"E249C2A3-F54C-427A-A531-F6271585103A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.6.7\",\"matchCriteriaId\":\"8D31E3CC-42EA-4519-9077-5C43473CE7C2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5646FDE9-CF21-46A9-B89D-F5BBDB4249AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F691F4E7-2FF1-4EFB-B21F-E510049A9940\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDE52846-24EC-4068-B788-EC7F915FFF11\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8382A145-CDD9-437E-9DE7-A349956778B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C757774-08E7-40AA-B532-6F705C8F7639\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036E8A89-7A16-411F-9D31-676313BB7244\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:insight_control_server_deployment:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A768D5B-CD66-4157-953A-FAB0C06EEAF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:rapid_deployment_pack:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7859B530-9354-44D0-9449-31DF59823144\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.1.0\",\"versionEndIncluding\":\"2.4.3\",\"matchCriteriaId\":\"857BB5B1-2AA2-4A40-8D99-E75C46BA0853\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.3.0\",\"matchCriteriaId\":\"53828E32-51DB-4C44-8CE2-5B056C3D67F2\"}]}]}],\"references\":[{\"url\":\"http://code.google.com/p/chromium/issues/detail?id=63444\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055775.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0217.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/40775\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42472\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42721\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42762\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4554\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4564\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4566\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.apple.com/kb/HT4581\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2010/dsa-2137\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:260\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1749.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3319\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3336\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0230\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11916\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://code.google.com/p/chromium/issues/detail?id=63444\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055775.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0217.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/40775\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42472\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42721\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42762\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4554\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4564\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4566\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.apple.com/kb/HT4581\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2010/dsa-2137\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:260\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1749.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3319\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3336\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0230\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11916\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

CERTA-2011-AVI-039

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités dans OpenOffice.org permettent à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Description

Plusieurs vulnérabilités ont été découvertes dans OpenOffice.org. Elle permettent à un utilisateur distant, par le biais d'un document malveillant, d'exécuter du code arbitraire avec les privilèges de l'application.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

OpenOffice.org, versions 3.x antérieures à la version 3.3.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité OpenOffice.org	None	vendor-advisory
Bulletin de sécurité Debian dsa-2151 du 26 janvier 2011 :	-	other
Bulletin de sécurité RedHat RHSA-2011-0181 du 28 janvier 2011 :	-	other
Bulletins de sécurité OpenOffice du 26 janvier 2011 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eOpenOffice.org, versions 3.x  ant\u00e9rieures \u00e0 la version 3.3.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans OpenOffice.org. Elle\npermettent \u00e0 un utilisateur distant, par le biais d\u0027un document\nmalveillant, d\u0027ex\u00e9cuter du code arbitraire avec les privil\u00e8ges de\nl\u0027application.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-3702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3702"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2010-4643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4643"
    },
    {
      "name": "CVE-2010-3453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3453"
    },
    {
      "name": "CVE-2010-3451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3451"
    },
    {
      "name": "CVE-2010-3452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3452"
    },
    {
      "name": "CVE-2010-2936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2936"
    },
    {
      "name": "CVE-2010-3454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3454"
    },
    {
      "name": "CVE-2010-4253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4253"
    },
    {
      "name": "CVE-2010-3450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3450"
    },
    {
      "name": "CVE-2010-3689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3689"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2010-2935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2935"
    },
    {
      "name": "CVE-2010-3704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3704"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian dsa-2151 du 26 janvier 2011 :",
      "url": "http://www.debian.org/security/2011/dsa-2151"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2011-0181 du 28 janvier    2011 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-0181.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 OpenOffice du 26 janvier 2011 :",
      "url": "http://www.openoffice.org/security/bulletin.html"
    }
  ],
  "reference": "CERTA-2011-AVI-039",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-01-28T00:00:00.000000"
    },
    {
      "description": "ajout des bulletins des distributions Debian et RedHat.",
      "revision_date": "2011-02-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans OpenOffice.org permettent \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans OpenOffice.org",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 OpenOffice.org",
      "url": null
    }
  ]
}

CERTA-2011-AVI-134

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités dans le lecteur multimédia iTunes d'Apple permettent à une personne distante malintentionnée de provoquer un déni de service ou d'exécuter du code arbitraire.

Description

De multiples vulnérabilités dans iTunes ont été corrigées. Un individu malveillant peut exploiter ces vulnérabilités afin de provoquer l'arrêt inoppinée de l'application ou d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

iTunes 10.2.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4554 du 02 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eiTunes 10.2.\u003c/P\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s dans iTunes ont \u00e9t\u00e9 corrig\u00e9es. Un individu\nmalveillant peut exploiter ces vuln\u00e9rabilit\u00e9s afin de provoquer l\u0027arr\u00eat\ninoppin\u00e9e de l\u0027application ou d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0170"
    },
    {
      "name": "CVE-2011-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0153"
    },
    {
      "name": "CVE-2011-0138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0138"
    },
    {
      "name": "CVE-2011-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0156"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0120"
    },
    {
      "name": "CVE-2011-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0115"
    },
    {
      "name": "CVE-2011-0112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0112"
    },
    {
      "name": "CVE-2011-0113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0113"
    },
    {
      "name": "CVE-2011-0140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0140"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2011-0148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0148"
    },
    {
      "name": "CVE-2011-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0127"
    },
    {
      "name": "CVE-2011-0142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0142"
    },
    {
      "name": "CVE-2011-0150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0150"
    },
    {
      "name": "CVE-2011-0164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0164"
    },
    {
      "name": "CVE-2011-0122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0122"
    },
    {
      "name": "CVE-2011-0118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0118"
    },
    {
      "name": "CVE-2011-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0129"
    },
    {
      "name": "CVE-2011-0165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0165"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2011-0149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0149"
    },
    {
      "name": "CVE-2011-0151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0151"
    },
    {
      "name": "CVE-2011-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0126"
    },
    {
      "name": "CVE-2011-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0155"
    },
    {
      "name": "CVE-2011-0125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0125"
    },
    {
      "name": "CVE-2011-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0119"
    },
    {
      "name": "CVE-2011-0123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0123"
    },
    {
      "name": "CVE-2011-0145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0145"
    },
    {
      "name": "CVE-2011-0121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0121"
    },
    {
      "name": "CVE-2011-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0128"
    },
    {
      "name": "CVE-2011-0141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0141"
    },
    {
      "name": "CVE-2011-0152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0152"
    },
    {
      "name": "CVE-2011-0134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0134"
    },
    {
      "name": "CVE-2011-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0114"
    },
    {
      "name": "CVE-2011-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0135"
    },
    {
      "name": "CVE-2011-0124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0124"
    },
    {
      "name": "CVE-2011-0132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0132"
    },
    {
      "name": "CVE-2011-0130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0130"
    },
    {
      "name": "CVE-2011-0143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0143"
    },
    {
      "name": "CVE-2011-0111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0111"
    },
    {
      "name": "CVE-2011-0117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0117"
    },
    {
      "name": "CVE-2011-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0154"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2011-0146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0146"
    },
    {
      "name": "CVE-2010-1824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1824"
    },
    {
      "name": "CVE-2011-0144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0144"
    },
    {
      "name": "CVE-2011-0147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0147"
    },
    {
      "name": "CVE-2011-0131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0131"
    },
    {
      "name": "CVE-2011-0168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0168"
    },
    {
      "name": "CVE-2011-0136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0136"
    },
    {
      "name": "CVE-2011-0133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0133"
    },
    {
      "name": "CVE-2011-0139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0139"
    },
    {
      "name": "CVE-2011-0137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0137"
    },
    {
      "name": "CVE-2011-0116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0116"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-134",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans le lecteur multim\u00e9dia iTunes d\u0027Apple\npermettent \u00e0 une personne distante malintentionn\u00e9e de provoquer un d\u00e9ni\nde service ou d\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans iTunes",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4554 du 02 mars 2011",
      "url": "http://support.apple.com/kb/HT4554"
    }
  ]
}

CERTA-2011-AVI-150

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités permettant l'exécution de code arbitraire ont été corrigées dans Apple Safari.

Description

De multiples vulnérabilités ont été corrigées dans Apple Safari pour Microsoft Windows et Mac OS X. Celles-ci permettent l'exécution de code arbitraire à distance par l'intermédiaire d'une page Web spécialement conçue.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

La version 5.0.4 de Apple Safari corrige ces vulnérabilités. Cette nouvelle version integre une mise à jour de la libpng en version 1.4.3.

Apple Safari versions antérieures à 5.0.4.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4566 du 09 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eApple Safari versions ant\u00e9rieures \u00e0  5.0.4.\u003c/p\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple Safari pour\nMicrosoft Windows et Mac OS X. Celles-ci permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance par l\u0027interm\u00e9diaire d\u0027une page Web sp\u00e9cialement\ncon\u00e7ue.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\nLa version 5.0.4 de Apple Safari corrige ces vuln\u00e9rabilit\u00e9s. Cette\nnouvelle version integre une mise \u00e0 jour de la libpng en version 1.4.3.\n",
  "cves": [
    {
      "name": "CVE-2011-0170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0170"
    },
    {
      "name": "CVE-2011-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0153"
    },
    {
      "name": "CVE-2011-0138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0138"
    },
    {
      "name": "CVE-2011-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0156"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0120"
    },
    {
      "name": "CVE-2011-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0115"
    },
    {
      "name": "CVE-2011-0112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0112"
    },
    {
      "name": "CVE-2011-0113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0113"
    },
    {
      "name": "CVE-2011-0140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0140"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2011-0148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0148"
    },
    {
      "name": "CVE-2011-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0127"
    },
    {
      "name": "CVE-2011-0163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0163"
    },
    {
      "name": "CVE-2011-0169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0169"
    },
    {
      "name": "CVE-2011-0142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0142"
    },
    {
      "name": "CVE-2011-0150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0150"
    },
    {
      "name": "CVE-2011-0122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0122"
    },
    {
      "name": "CVE-2011-0118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0118"
    },
    {
      "name": "CVE-2011-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0129"
    },
    {
      "name": "CVE-2011-0165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0165"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2011-0160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0160"
    },
    {
      "name": "CVE-2011-0149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0149"
    },
    {
      "name": "CVE-2011-0151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0151"
    },
    {
      "name": "CVE-2011-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0126"
    },
    {
      "name": "CVE-2011-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0155"
    },
    {
      "name": "CVE-2011-0125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0125"
    },
    {
      "name": "CVE-2011-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0119"
    },
    {
      "name": "CVE-2011-0161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0161"
    },
    {
      "name": "CVE-2011-0123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0123"
    },
    {
      "name": "CVE-2011-0145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0145"
    },
    {
      "name": "CVE-2011-0121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0121"
    },
    {
      "name": "CVE-2011-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0128"
    },
    {
      "name": "CVE-2011-0141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0141"
    },
    {
      "name": "CVE-2011-0152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0152"
    },
    {
      "name": "CVE-2011-0134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0134"
    },
    {
      "name": "CVE-2011-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0114"
    },
    {
      "name": "CVE-2011-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0135"
    },
    {
      "name": "CVE-2011-0124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0124"
    },
    {
      "name": "CVE-2011-0132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0132"
    },
    {
      "name": "CVE-2011-0130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0130"
    },
    {
      "name": "CVE-2011-0143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0143"
    },
    {
      "name": "CVE-2011-0111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0111"
    },
    {
      "name": "CVE-2011-0117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0117"
    },
    {
      "name": "CVE-2011-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0154"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2011-0146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0146"
    },
    {
      "name": "CVE-2011-0166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0166"
    },
    {
      "name": "CVE-2010-1824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1824"
    },
    {
      "name": "CVE-2011-0144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0144"
    },
    {
      "name": "CVE-2011-0147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0147"
    },
    {
      "name": "CVE-2011-0131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0131"
    },
    {
      "name": "CVE-2011-0167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0167"
    },
    {
      "name": "CVE-2011-0168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0168"
    },
    {
      "name": "CVE-2011-0136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0136"
    },
    {
      "name": "CVE-2011-0133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0133"
    },
    {
      "name": "CVE-2011-0139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0139"
    },
    {
      "name": "CVE-2011-0137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0137"
    },
    {
      "name": "CVE-2011-0116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0116"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-150",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s permettant l\u0027ex\u00e9cution de code arbitraire\nont \u00e9t\u00e9 corrig\u00e9es dans Apple Safari.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4566 du 09 mars 2011",
      "url": "http://support.apple.com/kb/HT4566"
    }
  ]
}

CERTA-2011-AVI-151

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités affectent Apple iOS versions 4.2 et antérieures. Certaines permettent l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été corrigées dans différents composants du système d'exploitation Apple iOS, notamment dans :

CoreGraphics ;
ImageIO ;
libxml ;
Networking ;
Safari ;
WebKit ;
Wi-Fi.

Parmis ces vulnérabilités, certaines permettent l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple iOS 4.2.1 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4564 du 09 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eApple iOS 4.2.1 et ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans diff\u00e9rents composants\ndu syst\u00e8me d\u0027exploitation Apple iOS, notamment dans :\n\n-   CoreGraphics ;\n-   ImageIO ;\n-   libxml ;\n-   Networking ;\n-   Safari ;\n-   WebKit ;\n-   Wi-Fi.\n\nParmis ces vuln\u00e9rabilit\u00e9s, certaines permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0153"
    },
    {
      "name": "CVE-2011-0138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0138"
    },
    {
      "name": "CVE-2011-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0156"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0120"
    },
    {
      "name": "CVE-2011-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0115"
    },
    {
      "name": "CVE-2011-0112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0112"
    },
    {
      "name": "CVE-2011-0113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0113"
    },
    {
      "name": "CVE-2011-0140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0140"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2011-0148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0148"
    },
    {
      "name": "CVE-2011-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0127"
    },
    {
      "name": "CVE-2011-0163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0163"
    },
    {
      "name": "CVE-2010-1792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1792"
    },
    {
      "name": "CVE-2011-0142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0142"
    },
    {
      "name": "CVE-2011-0150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0150"
    },
    {
      "name": "CVE-2011-0122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0122"
    },
    {
      "name": "CVE-2011-0118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0118"
    },
    {
      "name": "CVE-2011-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0129"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2011-0160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0160"
    },
    {
      "name": "CVE-2011-0149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0149"
    },
    {
      "name": "CVE-2011-0151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0151"
    },
    {
      "name": "CVE-2011-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0126"
    },
    {
      "name": "CVE-2011-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0155"
    },
    {
      "name": "CVE-2011-0125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0125"
    },
    {
      "name": "CVE-2011-0158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0158"
    },
    {
      "name": "CVE-2011-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0119"
    },
    {
      "name": "CVE-2011-0161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0161"
    },
    {
      "name": "CVE-2011-0123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0123"
    },
    {
      "name": "CVE-2011-0145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0145"
    },
    {
      "name": "CVE-2011-0121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0121"
    },
    {
      "name": "CVE-2011-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0128"
    },
    {
      "name": "CVE-2010-3855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3855"
    },
    {
      "name": "CVE-2011-0141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0141"
    },
    {
      "name": "CVE-2011-0152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0152"
    },
    {
      "name": "CVE-2011-0134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0134"
    },
    {
      "name": "CVE-2011-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0114"
    },
    {
      "name": "CVE-2011-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0135"
    },
    {
      "name": "CVE-2011-0124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0124"
    },
    {
      "name": "CVE-2011-0132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0132"
    },
    {
      "name": "CVE-2011-0162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0162"
    },
    {
      "name": "CVE-2011-0159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0159"
    },
    {
      "name": "CVE-2011-0130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0130"
    },
    {
      "name": "CVE-2011-0143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0143"
    },
    {
      "name": "CVE-2011-0111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0111"
    },
    {
      "name": "CVE-2011-0117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0117"
    },
    {
      "name": "CVE-2011-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0154"
    },
    {
      "name": "CVE-2011-0146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0146"
    },
    {
      "name": "CVE-2010-1824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1824"
    },
    {
      "name": "CVE-2011-0144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0144"
    },
    {
      "name": "CVE-2011-0147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0147"
    },
    {
      "name": "CVE-2011-0131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0131"
    },
    {
      "name": "CVE-2011-0168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0168"
    },
    {
      "name": "CVE-2011-0136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0136"
    },
    {
      "name": "CVE-2011-0133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0133"
    },
    {
      "name": "CVE-2011-0157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0157"
    },
    {
      "name": "CVE-2011-0137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0137"
    },
    {
      "name": "CVE-2011-0116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0116"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-151",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s affectent Apple iOS versions 4.2 et\nant\u00e9rieures. Certaines permettent l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple iOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4564 du 09 mars 2011",
      "url": "http://support.apple.com/kb/HT4564"
    }
  ]
}

CERTA-2011-AVI-162

Vulnerability from certfr_avis - Published: - Updated:

De nombreuses vulnérabilités ont été corrigées dans Mac OS X. Leur exploitation permet, entre autres, l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été corrigées dans différents composants du système d'exploitation Mac OS X, notamment :

Airport ;
AppleScript ;
ATS ;
CarbonCore ;
CoreText ;
File Quarantine ;
HFS ;
ImageIO ;
ImageRaw ;
Installer ;
Kernel ;
Libinfo ;
Libxml ;
QuickLook ;
QuickTime ;
Terminal.

Cette mise à jour corrige également un grand nombre de vulnérabilités dans des logiciels inclus au système d'exploitation comme Apache, ClamAV, Kerberos, Mailman, PHP, Ruby, Samba, Subversion et X11. Parmi les failles corrigées, certaines permettent l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Mac OS X 10.5.8 ;
N/A	N/A	Mac OS X Server 10.6.x.
N/A	N/A	Mac OS X Server 10.5.8 ;
N/A	N/A	Mac OS X 10.6.x ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4581 du 21 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X 10.5.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server 10.6.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server 10.5.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X 10.6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans diff\u00e9rents composants\ndu syst\u00e8me d\u0027exploitation Mac OS X, notamment :\n\n-   Airport ;\n-   AppleScript ;\n-   ATS ;\n-   CarbonCore ;\n-   CoreText ;\n-   File Quarantine ;\n-   HFS ;\n-   ImageIO ;\n-   ImageRaw ;\n-   Installer ;\n-   Kernel ;\n-   Libinfo ;\n-   Libxml ;\n-   QuickLook ;\n-   QuickTime ;\n-   Terminal.\n\nCette mise \u00e0 jour corrige \u00e9galement un grand nombre de vuln\u00e9rabilit\u00e9s\ndans des logiciels inclus au syst\u00e8me d\u0027exploitation comme Apache,\nClamAV, Kerberos, Mailman, PHP, Ruby, Samba, Subversion et X11. Parmi\nles failles corrig\u00e9es, certaines permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0170"
    },
    {
      "name": "CVE-2010-3089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3089"
    },
    {
      "name": "CVE-2010-3870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3870"
    },
    {
      "name": "CVE-2011-0187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0187"
    },
    {
      "name": "CVE-2010-3709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3709"
    },
    {
      "name": "CVE-2010-4020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4020"
    },
    {
      "name": "CVE-2011-0172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0172"
    },
    {
      "name": "CVE-2011-0181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0181"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2010-3710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3710"
    },
    {
      "name": "CVE-2011-0183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0183"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2011-0182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0182"
    },
    {
      "name": "CVE-2010-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2068"
    },
    {
      "name": "CVE-2010-1452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1452"
    },
    {
      "name": "CVE-2010-4021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4021"
    },
    {
      "name": "CVE-2011-0173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0173"
    },
    {
      "name": "CVE-2010-0405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0405"
    },
    {
      "name": "CVE-2010-2950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2950"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2011-0186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0186"
    },
    {
      "name": "CVE-2011-0178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0178"
    },
    {
      "name": "CVE-2010-3802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3802"
    },
    {
      "name": "CVE-2010-4409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4409"
    },
    {
      "name": "CVE-2011-0190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0190"
    },
    {
      "name": "CVE-2011-1417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1417"
    },
    {
      "name": "CVE-2010-3801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3801"
    },
    {
      "name": "CVE-2010-4479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4479"
    },
    {
      "name": "CVE-2011-0188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0188"
    },
    {
      "name": "CVE-2010-3814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3814"
    },
    {
      "name": "CVE-2010-3855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3855"
    },
    {
      "name": "CVE-2011-0180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0180"
    },
    {
      "name": "CVE-2010-1324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1324"
    },
    {
      "name": "CVE-2011-0174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0174"
    },
    {
      "name": "CVE-2011-0189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0189"
    },
    {
      "name": "CVE-2006-7243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-7243"
    },
    {
      "name": "CVE-2010-4261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4261"
    },
    {
      "name": "CVE-2010-3434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3434"
    },
    {
      "name": "CVE-2010-4260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4260"
    },
    {
      "name": "CVE-2010-3315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3315"
    },
    {
      "name": "CVE-2011-0184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0184"
    },
    {
      "name": "CVE-2011-0179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0179"
    },
    {
      "name": "CVE-2010-3069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3069"
    },
    {
      "name": "CVE-2011-0177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0177"
    },
    {
      "name": "CVE-2010-1323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1323"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2010-3436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3436"
    },
    {
      "name": "CVE-2011-0194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0194"
    },
    {
      "name": "CVE-2011-0175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0175"
    },
    {
      "name": "CVE-2010-4150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4150"
    },
    {
      "name": "CVE-2011-0193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0193"
    },
    {
      "name": "CVE-2011-0176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0176"
    },
    {
      "name": "CVE-2010-4009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4009"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-162",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Mac OS X. Leur\nexploitation permet, entre autres, l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4581 du 21 mars 2011",
      "url": "http://support.apple.com/kb/HT4581"
    }
  ]
}

CERTA-2011-AVI-243

Vulnerability from certfr_avis - Published: - Updated:

Une mise à jour émise par IBM corrige de nombreuses vulnérabilités dans IBM Lotus Symphony.

Description

IBM a publié le 20 avril 2011 un ensemble de mise à jour corrigeant de nombreuses vulnérabilités dans IBM Lotus Symphony.

Les vulnérabilités corrigées sont localisées dans OpenOffice.org et autorisent un utilisateur malintentionné à exécuter du code arbitraire à distance ou à supprimer des fichiers.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

IBM Lotus Symphony 3.x

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité IBM swg21496070 du 20 avril 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eIBM Lotus Symphony 3.x\u003c/p\u003e",
  "content": "## Description\n\nIBM a publi\u00e9 le 20 avril 2011 un ensemble de mise \u00e0 jour corrigeant de\nnombreuses vuln\u00e9rabilit\u00e9s dans IBM Lotus Symphony.\n\nLes vuln\u00e9rabilit\u00e9s corrig\u00e9es sont localis\u00e9es dans OpenOffice.org et\nautorisent un utilisateur malintentionn\u00e9 \u00e0 ex\u00e9cuter du code arbitraire \u00e0\ndistance ou \u00e0 supprimer des fichiers.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2010-4643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4643"
    },
    {
      "name": "CVE-2010-3453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3453"
    },
    {
      "name": "CVE-2010-3451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3451"
    },
    {
      "name": "CVE-2010-3452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3452"
    },
    {
      "name": "CVE-2010-3454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3454"
    },
    {
      "name": "CVE-2010-4253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4253"
    },
    {
      "name": "CVE-2010-3450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3450"
    },
    {
      "name": "CVE-2010-3689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3689"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2010-2935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2935"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-243",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-04-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une mise \u00e0 jour \u00e9mise par \u003cspan class=\"textit\"\u003eIBM\u003c/span\u003e corrige de\nnombreuses vuln\u00e9rabilit\u00e9s dans \u003cspan class=\"textit\"\u003eIBM Lotus\nSymphony\u003c/span\u003e.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans IBM Lotus Symphony",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg21496070 du 20 avril 2011",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21496070"
    }
  ]
}

CERTA-2012-AVI-387

Vulnerability from certfr_avis - Published: - Updated:

Neuf vulnérabilités concernant la bibliothèque libxml2 ont été corrigées dans VMware ESXi.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	ESXi	VMware ESXi 3.5.
VMware	ESXi	VMware ESXi 4.1 ;
VMware	ESXi	VMware ESXi 4.0 ;
VMware	ESXi	VMware ESXi 5.0 ;

References

Title

Publication Time

Tags

Bulletin de sécurité VMSA-2012-0012 du 12 juillet 2012	None	vendor-advisory
Bulletin de sécurité VMware VMSA-2012-0012 du 12 juillet 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware ESXi 3.5.",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi 4.1 ;",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi 4.0 ;",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi 5.0 ;",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0216"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2011-1944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1944"
    },
    {
      "name": "CVE-2011-2834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2834"
    },
    {
      "name": "CVE-2011-2821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2821"
    },
    {
      "name": "CVE-2011-3909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3909"
    },
    {
      "name": "CVE-2012-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0841"
    },
    {
      "name": "CVE-2011-3905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3905"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2011-3919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3919"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2012-0012 du 12 juillet    2012 :",
      "url": "http://www.vmware.com/security/advisories/VMSA-2012-0012.html"
    }
  ],
  "reference": "CERTA-2012-AVI-387",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-07-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Neuf vuln\u00e9rabilit\u00e9s concernant la biblioth\u00e8que \u003cspan\nclass=\"textit\"\u003elibxml2\u003c/span\u003e ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eVMware ESXi\u003c/span\u003e.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware ESXi",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMSA-2012-0012 du 12 juillet 2012",
      "url": null
    }
  ]
}

CERTFR-2023-AVI-0499

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Tenable Nessus Network Monitor. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Tenable	Nessus Network Monitor	Nessus Network Monitor versions antérieures à 6.2.2

References

Title

Publication Time

Tags

Bulletin de sécurité Tenable tns-2023-23 du 29 juin 2023

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Nessus Network Monitor versions ant\u00e9rieures \u00e0 6.2.2",
      "product": {
        "name": "Nessus Network Monitor",
        "vendor": {
          "name": "Tenable",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
    },
    {
      "name": "CVE-2020-13871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
    },
    {
      "name": "CVE-2022-46908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
    },
    {
      "name": "CVE-2016-1838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1838"
    },
    {
      "name": "CVE-2019-19317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19317"
    },
    {
      "name": "CVE-2020-24977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24977"
    },
    {
      "name": "CVE-2012-5134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5134"
    },
    {
      "name": "CVE-2016-4609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4609"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2020-13434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
    },
    {
      "name": "CVE-2017-18258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
    },
    {
      "name": "CVE-2016-9596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9596"
    },
    {
      "name": "CVE-2021-3517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3517"
    },
    {
      "name": "CVE-2013-0338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0338"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2021-3537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3537"
    },
    {
      "name": "CVE-2019-19244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19244"
    },
    {
      "name": "CVE-2017-9047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9047"
    },
    {
      "name": "CVE-2017-1000381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000381"
    },
    {
      "name": "CVE-2021-36690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
    },
    {
      "name": "CVE-2023-31124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31124"
    },
    {
      "name": "CVE-2022-31160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31160"
    },
    {
      "name": "CVE-2020-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
    },
    {
      "name": "CVE-2019-20838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2022-23395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23395"
    },
    {
      "name": "CVE-2022-4904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4904"
    },
    {
      "name": "CVE-2023-32067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
    },
    {
      "name": "CVE-2017-1000061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000061"
    },
    {
      "name": "CVE-2017-9048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9048"
    },
    {
      "name": "CVE-2019-19926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19926"
    },
    {
      "name": "CVE-2020-9327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
    },
    {
      "name": "CVE-2019-9936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9936"
    },
    {
      "name": "CVE-2012-6139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6139"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-42916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
    },
    {
      "name": "CVE-2020-35525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35525"
    },
    {
      "name": "CVE-2017-9050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9050"
    },
    {
      "name": "CVE-2023-28322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
    },
    {
      "name": "CVE-2016-4447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
    },
    {
      "name": "CVE-2017-15412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15412"
    },
    {
      "name": "CVE-2016-4448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
    },
    {
      "name": "CVE-2017-16932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16932"
    },
    {
      "name": "CVE-2013-1969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1969"
    },
    {
      "name": "CVE-2017-5029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5029"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2019-19956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
    },
    {
      "name": "CVE-2015-9019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-9019"
    },
    {
      "name": "CVE-2023-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
    },
    {
      "name": "CVE-2016-3705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
    },
    {
      "name": "CVE-2020-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
    },
    {
      "name": "CVE-2015-8241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8241"
    },
    {
      "name": "CVE-2016-3189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
    },
    {
      "name": "CVE-2023-28320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
    },
    {
      "name": "CVE-2011-3970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3970"
    },
    {
      "name": "CVE-2019-19646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
    },
    {
      "name": "CVE-2012-2871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2871"
    },
    {
      "name": "CVE-2023-28484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
    },
    {
      "name": "CVE-2011-1944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1944"
    },
    {
      "name": "CVE-2015-8035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8035"
    },
    {
      "name": "CVE-2022-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
    },
    {
      "name": "CVE-2016-1834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1834"
    },
    {
      "name": "CVE-2019-19925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19925"
    },
    {
      "name": "CVE-2019-11068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11068"
    },
    {
      "name": "CVE-2012-2870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2870"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2016-4658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
    },
    {
      "name": "CVE-2019-19924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19924"
    },
    {
      "name": "CVE-2022-29824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
    },
    {
      "name": "CVE-2013-0339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0339"
    },
    {
      "name": "CVE-2016-1684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1684"
    },
    {
      "name": "CVE-2020-11656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
    },
    {
      "name": "CVE-2023-23915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
    },
    {
      "name": "CVE-2019-20388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20388"
    },
    {
      "name": "CVE-2019-13117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13117"
    },
    {
      "name": "CVE-2019-20218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20218"
    },
    {
      "name": "CVE-2023-31147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31147"
    },
    {
      "name": "CVE-2018-14567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14567"
    },
    {
      "name": "CVE-2015-7499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7499"
    },
    {
      "name": "CVE-2023-29469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
    },
    {
      "name": "CVE-2023-27535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2016-1836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1836"
    },
    {
      "name": "CVE-2017-5130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5130"
    },
    {
      "name": "CVE-2019-8457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8457"
    },
    {
      "name": "CVE-2023-23914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
    },
    {
      "name": "CVE-2015-7500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7500"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2022-40303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
    },
    {
      "name": "CVE-2017-7375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
    },
    {
      "name": "CVE-2015-5312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5312"
    },
    {
      "name": "CVE-2023-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
    },
    {
      "name": "CVE-2020-15358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
    },
    {
      "name": "CVE-2022-42915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
    },
    {
      "name": "CVE-2019-19242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19242"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2019-12900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
    },
    {
      "name": "CVE-2020-7595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
    },
    {
      "name": "CVE-2016-2073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2073"
    },
    {
      "name": "CVE-2015-7497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7497"
    },
    {
      "name": "CVE-2015-7941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7941"
    },
    {
      "name": "CVE-2016-1833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1833"
    },
    {
      "name": "CVE-2015-7995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7995"
    },
    {
      "name": "CVE-2015-7942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7942"
    },
    {
      "name": "CVE-2015-8710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8710"
    },
    {
      "name": "CVE-2019-19880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19880"
    },
    {
      "name": "CVE-2015-7498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7498"
    },
    {
      "name": "CVE-2015-8317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8317"
    },
    {
      "name": "CVE-2023-2650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2023-27534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
    },
    {
      "name": "CVE-2023-27536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
    },
    {
      "name": "CVE-2016-3627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
    },
    {
      "name": "CVE-2021-3672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3672"
    },
    {
      "name": "CVE-2015-8242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8242"
    },
    {
      "name": "CVE-2022-43551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
    },
    {
      "name": "CVE-2023-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
    },
    {
      "name": "CVE-2016-1840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1840"
    },
    {
      "name": "CVE-2021-31239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
    },
    {
      "name": "CVE-2016-9598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9598"
    },
    {
      "name": "CVE-2022-23308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
    },
    {
      "name": "CVE-2019-13118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13118"
    },
    {
      "name": "CVE-2016-4607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4607"
    },
    {
      "name": "CVE-2023-27538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
    },
    {
      "name": "CVE-2016-1762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1762"
    },
    {
      "name": "CVE-2020-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
    },
    {
      "name": "CVE-2018-9251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
    },
    {
      "name": "CVE-2023-1255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
    },
    {
      "name": "CVE-2016-3709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3709"
    },
    {
      "name": "CVE-2016-1837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1837"
    },
    {
      "name": "CVE-2012-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0841"
    },
    {
      "name": "CVE-2022-35737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
    },
    {
      "name": "CVE-2016-9597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9597"
    },
    {
      "name": "CVE-2015-8806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8806"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2017-16931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
    },
    {
      "name": "CVE-2019-19645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
    },
    {
      "name": "CVE-2016-1839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1839"
    },
    {
      "name": "CVE-2016-5180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5180"
    },
    {
      "name": "CVE-2013-2877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2877"
    },
    {
      "name": "CVE-2021-45346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
    },
    {
      "name": "CVE-2020-11655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2021-3541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3541"
    },
    {
      "name": "CVE-2018-14404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14404"
    },
    {
      "name": "CVE-2019-16168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
    },
    {
      "name": "CVE-2021-30560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30560"
    },
    {
      "name": "CVE-2021-20227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
    },
    {
      "name": "CVE-2017-7376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7376"
    },
    {
      "name": "CVE-2020-14155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
    },
    {
      "name": "CVE-2022-40304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
    },
    {
      "name": "CVE-2014-3660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3660"
    },
    {
      "name": "CVE-2017-9049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9049"
    },
    {
      "name": "CVE-2019-19923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19923"
    },
    {
      "name": "CVE-2023-31130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
    },
    {
      "name": "CVE-2016-4449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
    },
    {
      "name": "CVE-2019-9937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9937"
    },
    {
      "name": "CVE-2019-5815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5815"
    },
    {
      "name": "CVE-2019-19959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19959"
    },
    {
      "name": "CVE-2019-19603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19603"
    },
    {
      "name": "CVE-2011-1202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1202"
    },
    {
      "name": "CVE-2016-5131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
    },
    {
      "name": "CVE-2017-8872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8872"
    },
    {
      "name": "CVE-2020-35527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35527"
    },
    {
      "name": "CVE-2016-1683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1683"
    },
    {
      "name": "CVE-2021-3518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
    },
    {
      "name": "CVE-2017-5969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5969"
    },
    {
      "name": "CVE-2020-13435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
    },
    {
      "name": "CVE-2016-4483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4483"
    },
    {
      "name": "CVE-2023-23916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
    },
    {
      "name": "CVE-2013-4520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4520"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0499",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-06-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus\nNetwork Monitor. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une\nex\u00e9cution de code arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus Network Monitor",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2023-23 du 29 juin 2023",
      "url": "https://www.tenable.com/security/tns-2023-23"
    }
  ]
}

CERTA-2011-AVI-039

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités dans OpenOffice.org permettent à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

OpenOffice.org, versions 3.x antérieures à la version 3.3.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité OpenOffice.org	None	vendor-advisory
Bulletin de sécurité Debian dsa-2151 du 26 janvier 2011 :	-	other
Bulletin de sécurité RedHat RHSA-2011-0181 du 28 janvier 2011 :	-	other
Bulletins de sécurité OpenOffice du 26 janvier 2011 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eOpenOffice.org, versions 3.x  ant\u00e9rieures \u00e0 la version 3.3.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans OpenOffice.org. Elle\npermettent \u00e0 un utilisateur distant, par le biais d\u0027un document\nmalveillant, d\u0027ex\u00e9cuter du code arbitraire avec les privil\u00e8ges de\nl\u0027application.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-3702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3702"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2010-4643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4643"
    },
    {
      "name": "CVE-2010-3453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3453"
    },
    {
      "name": "CVE-2010-3451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3451"
    },
    {
      "name": "CVE-2010-3452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3452"
    },
    {
      "name": "CVE-2010-2936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2936"
    },
    {
      "name": "CVE-2010-3454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3454"
    },
    {
      "name": "CVE-2010-4253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4253"
    },
    {
      "name": "CVE-2010-3450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3450"
    },
    {
      "name": "CVE-2010-3689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3689"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2010-2935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2935"
    },
    {
      "name": "CVE-2010-3704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3704"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian dsa-2151 du 26 janvier 2011 :",
      "url": "http://www.debian.org/security/2011/dsa-2151"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2011-0181 du 28 janvier    2011 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-0181.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 OpenOffice du 26 janvier 2011 :",
      "url": "http://www.openoffice.org/security/bulletin.html"
    }
  ],
  "reference": "CERTA-2011-AVI-039",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-01-28T00:00:00.000000"
    },
    {
      "description": "ajout des bulletins des distributions Debian et RedHat.",
      "revision_date": "2011-02-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans OpenOffice.org permettent \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans OpenOffice.org",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 OpenOffice.org",
      "url": null
    }
  ]
}

CERTA-2011-AVI-134

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités dans le lecteur multimédia iTunes d'Apple permettent à une personne distante malintentionnée de provoquer un déni de service ou d'exécuter du code arbitraire.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

iTunes 10.2.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4554 du 02 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eiTunes 10.2.\u003c/P\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s dans iTunes ont \u00e9t\u00e9 corrig\u00e9es. Un individu\nmalveillant peut exploiter ces vuln\u00e9rabilit\u00e9s afin de provoquer l\u0027arr\u00eat\ninoppin\u00e9e de l\u0027application ou d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0170"
    },
    {
      "name": "CVE-2011-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0153"
    },
    {
      "name": "CVE-2011-0138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0138"
    },
    {
      "name": "CVE-2011-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0156"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0120"
    },
    {
      "name": "CVE-2011-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0115"
    },
    {
      "name": "CVE-2011-0112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0112"
    },
    {
      "name": "CVE-2011-0113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0113"
    },
    {
      "name": "CVE-2011-0140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0140"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2011-0148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0148"
    },
    {
      "name": "CVE-2011-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0127"
    },
    {
      "name": "CVE-2011-0142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0142"
    },
    {
      "name": "CVE-2011-0150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0150"
    },
    {
      "name": "CVE-2011-0164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0164"
    },
    {
      "name": "CVE-2011-0122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0122"
    },
    {
      "name": "CVE-2011-0118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0118"
    },
    {
      "name": "CVE-2011-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0129"
    },
    {
      "name": "CVE-2011-0165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0165"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2011-0149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0149"
    },
    {
      "name": "CVE-2011-0151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0151"
    },
    {
      "name": "CVE-2011-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0126"
    },
    {
      "name": "CVE-2011-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0155"
    },
    {
      "name": "CVE-2011-0125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0125"
    },
    {
      "name": "CVE-2011-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0119"
    },
    {
      "name": "CVE-2011-0123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0123"
    },
    {
      "name": "CVE-2011-0145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0145"
    },
    {
      "name": "CVE-2011-0121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0121"
    },
    {
      "name": "CVE-2011-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0128"
    },
    {
      "name": "CVE-2011-0141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0141"
    },
    {
      "name": "CVE-2011-0152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0152"
    },
    {
      "name": "CVE-2011-0134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0134"
    },
    {
      "name": "CVE-2011-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0114"
    },
    {
      "name": "CVE-2011-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0135"
    },
    {
      "name": "CVE-2011-0124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0124"
    },
    {
      "name": "CVE-2011-0132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0132"
    },
    {
      "name": "CVE-2011-0130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0130"
    },
    {
      "name": "CVE-2011-0143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0143"
    },
    {
      "name": "CVE-2011-0111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0111"
    },
    {
      "name": "CVE-2011-0117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0117"
    },
    {
      "name": "CVE-2011-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0154"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2011-0146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0146"
    },
    {
      "name": "CVE-2010-1824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1824"
    },
    {
      "name": "CVE-2011-0144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0144"
    },
    {
      "name": "CVE-2011-0147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0147"
    },
    {
      "name": "CVE-2011-0131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0131"
    },
    {
      "name": "CVE-2011-0168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0168"
    },
    {
      "name": "CVE-2011-0136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0136"
    },
    {
      "name": "CVE-2011-0133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0133"
    },
    {
      "name": "CVE-2011-0139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0139"
    },
    {
      "name": "CVE-2011-0137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0137"
    },
    {
      "name": "CVE-2011-0116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0116"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-134",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans le lecteur multim\u00e9dia iTunes d\u0027Apple\npermettent \u00e0 une personne distante malintentionn\u00e9e de provoquer un d\u00e9ni\nde service ou d\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans iTunes",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4554 du 02 mars 2011",
      "url": "http://support.apple.com/kb/HT4554"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-4494 (GCVE-0-2010-4494)

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Solution

Solution

Description

Solution

Description

Solution

Tags

Sightings

Nomenclature