Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2014-AVI-436
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
Title | Publication Time | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "OS X Mavericks versions ant\u00e9rieures \u00e0 10.9.5", "product": { "name": "N/A", "vendor": { "name": "Apple", "scada": false } } }, { "description": "OS X Mountain Lion versions ant\u00e9rieures \u00e0 10.8.5", "product": { "name": "N/A", "vendor": { "name": "Apple", "scada": false } } }, { "description": "OS X Yosemite versions ant\u00e9rieures \u00e0 10.10", "product": { "name": "N/A", "vendor": { "name": "Apple", "scada": false } } }, { "description": "OS X Server versions ant\u00e9rieures \u00e0 2.2.5, 3.2.2 et 4.0", "product": { "name": "N/A", "vendor": { "name": "Apple", "scada": false } } } ], "affected_systems_content": null, "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n", "cves": [ { "name": "CVE-2014-4433", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4433" }, { "name": "CVE-2014-4424", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4424" }, { "name": "CVE-2014-0063", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0063" }, { "name": "CVE-2013-5150", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5150" }, { "name": "CVE-2014-3566", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3566" }, { "name": "CVE-2014-4425", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4425" }, { "name": "CVE-2014-4375", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4375" }, { "name": "CVE-2014-4406", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4406" }, { "name": "CVE-2014-0061", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0061" }, { "name": "CVE-2014-4418", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4418" }, { "name": "CVE-2013-4164", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4164" }, { "name": "CVE-2014-4440", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4440" }, { "name": "CVE-2014-4446", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4446" }, { "name": "CVE-2014-4422", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4422" }, { "name": "CVE-2014-4380", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4380" }, { "name": "CVE-2014-4364", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4364" }, { "name": "CVE-2014-4447", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4447" }, { "name": "CVE-2013-3919", "url": "https://www.cve.org/CVERecord?id=CVE-2013-3919" }, { "name": "CVE-2014-4444", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4444" }, { "name": "CVE-2014-7169", "url": "https://www.cve.org/CVERecord?id=CVE-2014-7169" }, { "name": "CVE-2013-6393", "url": "https://www.cve.org/CVERecord?id=CVE-2013-6393" }, { "name": "CVE-2014-4405", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4405" }, { "name": "CVE-2014-4441", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4441" }, { "name": "CVE-2014-4438", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4438" }, { "name": "CVE-2014-0098", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0098" }, { "name": "CVE-2014-4421", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4421" }, { "name": "CVE-2014-4432", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4432" }, { "name": "CVE-2014-4430", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4430" }, { "name": "CVE-2014-4426", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4426" }, { "name": "CVE-2014-6271", "url": "https://www.cve.org/CVERecord?id=CVE-2014-6271" }, { "name": "CVE-2014-4404", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4404" }, { "name": "CVE-2014-4417", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4417" }, { "name": "CVE-2014-4435", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4435" }, { "name": "CVE-2014-4391", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4391" }, { "name": "CVE-2014-4419", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4419" }, { "name": "CVE-2014-4420", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4420" }, { "name": "CVE-2014-3537", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3537" }, { "name": "CVE-2014-4427", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4427" }, { "name": "CVE-2014-4408", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4408" }, { "name": "CVE-2014-0064", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0064" }, { "name": "CVE-2014-0065", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0065" }, { "name": "CVE-2014-4407", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4407" }, { "name": "CVE-2014-4428", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4428" }, { "name": "CVE-2014-4437", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4437" }, { "name": "CVE-2014-0591", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0591" }, { "name": "CVE-2014-4431", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4431" }, { "name": "CVE-2014-0062", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0062" }, { "name": "CVE-2014-4371", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4371" }, { "name": "CVE-2014-4436", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4436" }, { "name": "CVE-2014-4373", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4373" }, { "name": "CVE-2013-6438", "url": "https://www.cve.org/CVERecord?id=CVE-2013-6438" }, { "name": "CVE-2014-4442", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4442" }, { "name": "CVE-2014-0060", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0060" }, { "name": "CVE-2014-4443", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4443" }, { "name": "CVE-2013-4854", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4854" }, { "name": "CVE-2014-4434", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4434" }, { "name": "CVE-2014-4388", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4388" }, { "name": "CVE-2011-2391", "url": "https://www.cve.org/CVERecord?id=CVE-2011-2391" }, { "name": "CVE-2014-4351", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4351" }, { "name": "CVE-2014-4439", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4439" }, { "name": "CVE-2014-0066", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0066" } ], "initial_release_date": "2014-10-17T00:00:00", "last_revision_date": "2014-10-20T00:00:00", "links": [], "reference": "CERTFR-2014-AVI-436", "revisions": [ { "description": "version initiale ;", "revision_date": "2014-10-17T00:00:00.000000" }, { "description": "correction des versions affect\u00e9es.", "revision_date": "2014-10-20T00:00:00.000000" } ], "risks": [ { "description": "Injection de code indirecte \u00e0 distance" }, { "description": "Ex\u00e9cution de code arbitraire \u00e0 distance" }, { "description": "Ex\u00e9cution de code arbitraire" }, { "description": "\u00c9l\u00e9vation de privil\u00e8ges" }, { "description": "D\u00e9ni de service \u00e0 distance" }, { "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es" }, { "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es" }, { "description": "D\u00e9ni de service" }, { "description": "Contournement de la politique de s\u00e9curit\u00e9" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eApple\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une\nex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0 distance.\n", "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple", "vendor_advisories": [ { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6535 du 16 octobre 2014", "url": "https://support.apple.com/kb/HT6535" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6531 du 16 octobre 2014", "url": "https://support.apple.com/kb/HT6531" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6529 du 16 octobre 2014", "url": "https://support.apple.com/kb/HT6529" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6536 du 16 octobre 2014", "url": "https://support.apple.com/kb/HT6536" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6527 du 16 octobre 2014", "url": "https://support.apple.com/kb/HT6527" } ] }
CVE-2014-4418 (GCVE-0-2014-4418)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4388.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.580Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69946", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69946" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "name": "appleios-cve20144418-code-exec(96092)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96092" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4388." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69946", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69946" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "name": "appleios-cve20144418-code-exec(96092)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96092" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4418", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4388." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69946", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69946" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "appleios-cve20144418-code-exec(96092)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96092" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4418", "datePublished": "2014-09-18T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.580Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-0065 (GCVE-0-2014-0065)
Vulnerability from cvelistv5
Published
2014-03-28 17:00
Modified
2024-08-06 09:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T09:05:38.700Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2014:0211", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html" }, { "name": "RHSA-2014:0221", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "RHSA-2014:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.postgresql.org/wiki/20140220securityrelease" }, { "name": "DSA-2864", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2864" }, { "name": "65731", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/65731" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "RHSA-2014:0249", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.postgresql.org/about/news/1506/" }, { "name": "USN-2120-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2120-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "DSA-2865", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2865" }, { "name": "openSUSE-SU-2014:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "openSUSE-SU-2014:0368", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-02-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-15T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2014:0211", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html" }, { "name": "RHSA-2014:0221", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "RHSA-2014:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.postgresql.org/wiki/20140220securityrelease" }, { "name": "DSA-2864", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2864" }, { "name": "65731", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/65731" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "RHSA-2014:0249", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.postgresql.org/about/news/1506/" }, { "name": "USN-2120-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2120-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "DSA-2865", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2865" }, { "name": "openSUSE-SU-2014:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "openSUSE-SU-2014:0368", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0065", "datePublished": "2014-03-28T17:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T09:05:38.700Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4419 (GCVE-0-2014-4419)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4420, and CVE-2014-4421.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.530Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/HT204244" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "appleios-cve20144419-info-disc(96101)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96101" }, { "name": "APPLE-SA-2015-01-27-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" }, { "name": "69928", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69928" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4420, and CVE-2014-4421." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/HT204244" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "appleios-cve20144419-info-disc(96101)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96101" }, { "name": "APPLE-SA-2015-01-27-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" }, { "name": "69928", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69928" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4419", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4420, and CVE-2014-4421." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "http://support.apple.com/HT204244", "refsource": "CONFIRM", "url": "http://support.apple.com/HT204244" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "appleios-cve20144419-info-disc(96101)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96101" }, { "name": "APPLE-SA-2015-01-27-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" }, { "name": "69928", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69928" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4419", "datePublished": "2014-09-18T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.530Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4443 (GCVE-0-2014-4443)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apple OS X before 10.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted ASN.1 data.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.557Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "name": "70625", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70625" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144443-dos(97624)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97624" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Apple OS X before 10.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted ASN.1 data." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "name": "70625", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70625" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144443-dos(97624)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97624" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4443", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apple OS X before 10.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted ASN.1 data." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "70625", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70625" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144443-dos(97624)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97624" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4443", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.557Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4420 (GCVE-0-2014-4420)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.601Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/HT204244" }, { "name": "appleioscve20144420-info-disc(96102)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96102" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "69927", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69927" }, { "name": "APPLE-SA-2015-01-27-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/HT204244" }, { "name": "appleioscve20144420-info-disc(96102)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96102" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "69927", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69927" }, { "name": "APPLE-SA-2015-01-27-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4420", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "http://support.apple.com/HT204244", "refsource": "CONFIRM", "url": "http://support.apple.com/HT204244" }, { "name": "appleioscve20144420-info-disc(96102)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96102" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "69927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69927" }, { "name": "APPLE-SA-2015-01-27-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4420", "datePublished": "2014-09-18T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.601Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4424 (GCVE-0-2014-4424)
Vulnerability from cvelistv5
Published
2014-09-19 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
SQL injection vulnerability in Wiki Server in CoreCollaboration in Apple OS X Server before 2.2.3 and 3.x before 3.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References
URL | Tags | ||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.537Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "macosx-cve20144424-sql-injection(96048)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96048" }, { "name": "61305", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61305" }, { "name": "69918", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69918" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6449" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "1030869", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030869" }, { "name": "61307", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61307" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in Wiki Server in CoreCollaboration in Apple OS X Server before 2.2.3 and 3.x before 3.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "macosx-cve20144424-sql-injection(96048)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96048" }, { "name": "61305", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61305" }, { "name": "69918", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69918" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6449" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "1030869", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030869" }, { "name": "61307", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61307" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4424", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in Wiki Server in CoreCollaboration in Apple OS X Server before 2.2.3 and 3.x before 3.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.apple.com/kb/HT6448", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6448" }, { "name": "APPLE-SA-2014-10-16-3", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "macosx-cve20144424-sql-injection(96048)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96048" }, { "name": "61305", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61305" }, { "name": "69918", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69918" }, { "name": "http://support.apple.com/kb/HT6449", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6449" }, { "name": "https://support.apple.com/kb/HT6536", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6536" }, { "name": "1030869", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030869" }, { "name": "61307", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61307" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4424", "datePublished": "2014-09-19T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.537Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4430 (GCVE-0-2014-4430)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CoreStorage in Apple OS X before 10.10 retains a volume's encryption keys upon an eject action in the unlocked state, which makes it easier for physically proximate attackers to obtain cleartext data via a remount.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.622Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "macosx-cve20144430-sec-bypass(97639)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97639" }, { "name": "70628", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70628" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "CoreStorage in Apple OS X before 10.10 retains a volume\u0027s encryption keys upon an eject action in the unlocked state, which makes it easier for physically proximate attackers to obtain cleartext data via a remount." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "macosx-cve20144430-sec-bypass(97639)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97639" }, { "name": "70628", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70628" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4430", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CoreStorage in Apple OS X before 10.10 retains a volume\u0027s encryption keys upon an eject action in the unlocked state, which makes it easier for physically proximate attackers to obtain cleartext data via a remount." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "macosx-cve20144430-sec-bypass(97639)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97639" }, { "name": "70628", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70628" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4430", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.622Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4391 (GCVE-0-2014-4391)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Code Signing feature in Apple OS X before 10.10 does not properly handle incomplete resource envelopes in signed bundles, which allows remote attackers to bypass intended app-author restrictions by omitting an execution-related resource.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.681Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "macosx-cve20144391-sec-bypass(97644)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97644" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "70637", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70637" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The Code Signing feature in Apple OS X before 10.10 does not properly handle incomplete resource envelopes in signed bundles, which allows remote attackers to bypass intended app-author restrictions by omitting an execution-related resource." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "macosx-cve20144391-sec-bypass(97644)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97644" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "70637", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70637" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4391", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Code Signing feature in Apple OS X before 10.10 does not properly handle incomplete resource envelopes in signed bundles, which allows remote attackers to bypass intended app-author restrictions by omitting an execution-related resource." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "macosx-cve20144391-sec-bypass(97644)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97644" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "70637", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70637" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4391", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.681Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4405 (GCVE-0-2014-4405)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.481Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT204659" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "name": "APPLE-SA-2015-04-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "name": "69938", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69938" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "appleios-cve20144405-code-exec(96109)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96109" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT204659" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "name": "APPLE-SA-2015-04-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "name": "69938", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69938" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "appleios-cve20144405-code-exec(96109)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96109" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4405", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT204659", "refsource": "CONFIRM", "url": "https://support.apple.com/HT204659" }, { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "APPLE-SA-2015-04-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "name": "69938", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69938" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "appleios-cve20144405-code-exec(96109)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96109" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4405", "datePublished": "2014-09-18T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.481Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2011-2391 (GCVE-0-2011-2391)
Vulnerability from cvelistv5
Published
2013-09-19 10:00
Modified
2024-08-06 23:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T23:00:33.778Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "apple-kernel-cve20112391-dos(87222)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87222" }, { "name": "1029054", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1029054" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "APPLE-SA-2013-10-22-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html" }, { "name": "97438", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/97438" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "54886", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/54886" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5934" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/HT204244" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "APPLE-SA-2015-01-27-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" }, { "name": "APPLE-SA-2013-09-18-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-09-18T00:00:00", "descriptions": [ { "lang": "en", "value": "The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "apple-kernel-cve20112391-dos(87222)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87222" }, { "name": "1029054", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1029054" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "APPLE-SA-2013-10-22-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html" }, { "name": "97438", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/97438" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "54886", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/54886" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5934" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/HT204244" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "APPLE-SA-2015-01-27-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" }, { "name": "APPLE-SA-2013-09-18-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-2391", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "apple-kernel-cve20112391-dos(87222)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87222" }, { "name": "1029054", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1029054" }, { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "APPLE-SA-2013-10-22-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html" }, { "name": "97438", "refsource": "OSVDB", "url": "http://osvdb.org/97438" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "54886", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54886" }, { "name": "http://support.apple.com/kb/HT5934", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT5934" }, { "name": "http://support.apple.com/HT204244", "refsource": "CONFIRM", "url": "http://support.apple.com/HT204244" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "APPLE-SA-2015-01-27-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" }, { "name": "APPLE-SA-2013-09-18-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-2391", "datePublished": "2013-09-19T10:00:00", "dateReserved": "2011-06-05T00:00:00", "dateUpdated": "2024-08-06T23:00:33.778Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4407 (GCVE-0-2014-4407)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.607Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "69912", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69912" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "appleios-cve20144407-info-disc(96078)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96078" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "69912", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69912" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "appleios-cve20144407-info-disc(96078)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96078" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4407", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "69912", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69912" }, { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "appleios-cve20144407-info-disc(96078)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96078" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4407", "datePublished": "2014-09-18T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.607Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4406 (GCVE-0-2014-4406)
Vulnerability from cvelistv5
Published
2014-09-19 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
URL | Tags | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.614Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "macosx-cve20144406-xss(96047)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96047" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "69935", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69935" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.cloudscan.me/2014/09/cve-2014-4406-apple-sa-2014-09-17-5-os.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "1030870", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030870" }, { "name": "61307", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61307" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-15T19:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "macosx-cve20144406-xss(96047)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96047" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "69935", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69935" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.cloudscan.me/2014/09/cve-2014-4406-apple-sa-2014-09-17-5-os.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "1030870", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030870" }, { "name": "61307", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61307" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4406", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.apple.com/kb/HT6448", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6448" }, { "name": "macosx-cve20144406-xss(96047)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96047" }, { "name": "APPLE-SA-2014-10-16-3", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "69935", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69935" }, { "name": "http://www.cloudscan.me/2014/09/cve-2014-4406-apple-sa-2014-09-17-5-os.html", "refsource": "MISC", "url": "http://www.cloudscan.me/2014/09/cve-2014-4406-apple-sa-2014-09-17-5-os.html" }, { "name": "https://support.apple.com/kb/HT6536", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6536" }, { "name": "1030870", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030870" }, { "name": "61307", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61307" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4406", "datePublished": "2014-09-19T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.614Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4421 (GCVE-0-2014-4421)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4420.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.588Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "69924", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69924" }, { "name": "appleioscve20144421-info-disc(96103)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96103" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/HT204244" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "APPLE-SA-2015-01-27-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4420." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "69924", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69924" }, { "name": "appleioscve20144421-info-disc(96103)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96103" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/HT204244" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "APPLE-SA-2015-01-27-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4421", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4420." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "69924", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69924" }, { "name": "appleioscve20144421-info-disc(96103)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96103" }, { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "http://support.apple.com/HT204244", "refsource": "CONFIRM", "url": "http://support.apple.com/HT204244" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "APPLE-SA-2015-01-27-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4421", "datePublished": "2014-09-18T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.588Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2013-6438 (GCVE-0-2013-6438)
Vulnerability from cvelistv5
Published
2014-03-18 01:00
Modified
2024-08-06 17:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T17:39:01.191Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://puppet.com/security/cve/cve-2013-6438" }, { "name": "59315", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59315" }, { "name": "58230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/58230" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT204659" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2014-0135.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES" }, { "name": "GLSA-201408-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201408-12.xml" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c?r1=1528718\u0026r2=1556428\u0026diff_format=h" }, { "name": "60536", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60536" }, { "name": "66303", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/66303" }, { "name": "HPSBUX03102", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2" }, { "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "name": "HPSBUX03150", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141390017113542\u0026w=2" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "59345", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59345" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" }, { "name": "APPLE-SA-2015-04-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2014/Dec/23" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c" }, { "name": "SSRT101681", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676091" }, { "name": "USN-2152-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2152-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.apache.org/dist/httpd/CHANGES_2.4.9" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21669554" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [9/13] - /httpd/site/trunk/content/security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-03-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-06T10:11:56", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://puppet.com/security/cve/cve-2013-6438" }, { "name": "59315", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59315" }, { "name": "58230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/58230" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT204659" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2014-0135.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES" }, { "name": "GLSA-201408-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201408-12.xml" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c?r1=1528718\u0026r2=1556428\u0026diff_format=h" }, { "name": "60536", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60536" }, { "name": "66303", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/66303" }, { "name": "HPSBUX03102", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2" }, { "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "name": "HPSBUX03150", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141390017113542\u0026w=2" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "59345", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59345" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" }, { "name": "APPLE-SA-2015-04-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2014/Dec/23" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c" }, { "name": "SSRT101681", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676091" }, { "name": "USN-2152-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2152-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.apache.org/dist/httpd/CHANGES_2.4.9" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21669554" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [9/13] - /httpd/site/trunk/content/security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-6438", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1", "refsource": "CONFIRM", "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1" }, { "name": "https://puppet.com/security/cve/cve-2013-6438", "refsource": "CONFIRM", "url": "https://puppet.com/security/cve/cve-2013-6438" }, { "name": "59315", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59315" }, { "name": "58230", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/58230" }, { "name": "https://support.apple.com/HT204659", "refsource": "CONFIRM", "url": "https://support.apple.com/HT204659" }, { "name": "http://advisories.mageia.org/MGASA-2014-0135.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2014-0135.html" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" }, { "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698" }, { "name": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES", "refsource": "CONFIRM", "url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES" }, { "name": "GLSA-201408-12", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201408-12.xml" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092" }, { "name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c?r1=1528718\u0026r2=1556428\u0026diff_format=h", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c?r1=1528718\u0026r2=1556428\u0026diff_format=h" }, { "name": "60536", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60536" }, { "name": "66303", "refsource": "BID", "url": "http://www.securityfocus.com/bid/66303" }, { "name": "HPSBUX03102", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2" }, { "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "name": "HPSBUX03150", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141390017113542\u0026w=2" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "59345", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59345" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" }, { "name": "APPLE-SA-2015-04-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2014/Dec/23" }, { "name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c" }, { "name": "SSRT101681", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2" }, { "name": "https://httpd.apache.org/security/vulnerabilities_24.html", "refsource": "CONFIRM", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676091", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676091" }, { "name": "USN-2152-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2152-1" }, { "name": "http://www.apache.org/dist/httpd/CHANGES_2.4.9", "refsource": "CONFIRM", "url": "http://www.apache.org/dist/httpd/CHANGES_2.4.9" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21669554", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21669554" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [9/13] - /httpd/site/trunk/content/security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-6438", "datePublished": "2014-03-18T01:00:00", "dateReserved": "2013-11-04T00:00:00", "dateUpdated": "2024-08-06T17:39:01.191Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4417 (GCVE-0-2014-4417)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Safari in Apple OS X before 10.10 allows remote attackers to cause a denial of service (universal Push Notification outage) via a web site that triggers an uncaught SafariNotificationAgent exception by providing a crafted Push Notification.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.600Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "name": "70629", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70629" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144417-dos(97625)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97625" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Safari in Apple OS X before 10.10 allows remote attackers to cause a denial of service (universal Push Notification outage) via a web site that triggers an uncaught SafariNotificationAgent exception by providing a crafted Push Notification." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "name": "70629", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70629" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144417-dos(97625)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97625" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4417", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Safari in Apple OS X before 10.10 allows remote attackers to cause a denial of service (universal Push Notification outage) via a web site that triggers an uncaught SafariNotificationAgent exception by providing a crafted Push Notification." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "70629", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70629" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144417-dos(97625)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97625" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4417", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.600Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2013-4854 (GCVE-0-2013-4854)
Vulnerability from cvelistv5
Published
2013-07-26 23:00
Modified
2024-08-06 16:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T16:59:39.290Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2013-13863", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html" }, { "name": "HPSBUX02926", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.isc.org/article/AA-01015" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "54134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/54134" }, { "name": "MDVSA-2013:202", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://linux.oracle.com/errata/ELSA-2014-1244" }, { "name": "54185", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/54185" }, { "name": "FreeBSD-SA-13:07", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.isc.org/article/AA-01016" }, { "name": "oval:org.mitre.oval:def:19561", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052" }, { "name": "FEDORA-2013-13831", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html" }, { "name": "54207", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/54207" }, { "name": "openSUSE-SU-2013:1354", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "isc-bind-cve20134854-dos(86004)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/" }, { "name": "20130806 [slackware-security] bind (SSA:2013-218-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html" }, { "name": "RHSA-2013:1114", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1114.html" }, { "name": "61479", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/61479" }, { "name": "54323", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/54323" }, { "name": "SUSE-SU-2013:1310", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html" }, { "name": "54211", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/54211" }, { "name": "USN-1910-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1910-1" }, { "name": "DSA-2728", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2013/dsa-2728" }, { "name": "1028838", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1028838" }, { "name": "RHSA-2013:1115", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1115.html" }, { "name": "SSRT101281", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396" }, { "name": "54432", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/54432" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-07-26T00:00:00", "descriptions": [ { "lang": "en", "value": "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-28T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2013-13863", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html" }, { "name": "HPSBUX02926", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.isc.org/article/AA-01015" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "54134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/54134" }, { "name": "MDVSA-2013:202", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://linux.oracle.com/errata/ELSA-2014-1244" }, { "name": "54185", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/54185" }, { "name": "FreeBSD-SA-13:07", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.isc.org/article/AA-01016" }, { "name": "oval:org.mitre.oval:def:19561", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561" }, { "tags": [ "x_refsource_MISC" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052" }, { "name": "FEDORA-2013-13831", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html" }, { "name": "54207", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/54207" }, { "name": "openSUSE-SU-2013:1354", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "isc-bind-cve20134854-dos(86004)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/" }, { "name": "20130806 [slackware-security] bind (SSA:2013-218-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html" }, { "name": "RHSA-2013:1114", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1114.html" }, { "name": "61479", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/61479" }, { "name": "54323", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/54323" }, { "name": "SUSE-SU-2013:1310", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html" }, { "name": "54211", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/54211" }, { "name": "USN-1910-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1910-1" }, { "name": "DSA-2728", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2013/dsa-2728" }, { "name": "1028838", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1028838" }, { "name": "RHSA-2013:1115", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1115.html" }, { "name": "SSRT101281", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396" }, { "name": "54432", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/54432" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-4854", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2013-13863", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html" }, { "name": "HPSBUX02926", "refsource": "HP", "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396" }, { "name": "https://kb.isc.org/article/AA-01015", "refsource": "CONFIRM", "url": "https://kb.isc.org/article/AA-01015" }, { "name": "APPLE-SA-2014-10-16-3", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "54134", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54134" }, { "name": "MDVSA-2013:202", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202" }, { "name": "http://linux.oracle.com/errata/ELSA-2014-1244", "refsource": "CONFIRM", "url": "http://linux.oracle.com/errata/ELSA-2014-1244" }, { "name": "54185", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54185" }, { "name": "FreeBSD-SA-13:07", "refsource": "FREEBSD", "url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc" }, { "name": "https://kb.isc.org/article/AA-01016", "refsource": "CONFIRM", "url": "https://kb.isc.org/article/AA-01016" }, { "name": "oval:org.mitre.oval:def:19561", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052", "refsource": "MISC", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052" }, { "name": "FEDORA-2013-13831", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html" }, { "name": "54207", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54207" }, { "name": "openSUSE-SU-2013:1354", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html" }, { "name": "https://support.apple.com/kb/HT6536", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6536" }, { "name": "isc-bind-cve20134854-dos(86004)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/" }, { "name": "20130806 [slackware-security] bind (SSA:2013-218-01)", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html" }, { "name": "RHSA-2013:1114", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-1114.html" }, { "name": "61479", "refsource": "BID", "url": "http://www.securityfocus.com/bid/61479" }, { "name": "54323", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54323" }, { "name": "SUSE-SU-2013:1310", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html" }, { "name": "54211", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54211" }, { "name": "USN-1910-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1910-1" }, { "name": "DSA-2728", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2013/dsa-2728" }, { "name": "1028838", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1028838" }, { "name": "RHSA-2013:1115", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-1115.html" }, { "name": "SSRT101281", "refsource": "HP", "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396" }, { "name": "54432", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54432" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-4854", "datePublished": "2013-07-26T23:00:00", "dateReserved": "2013-07-16T00:00:00", "dateUpdated": "2024-08-06T16:59:39.290Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-0063 (GCVE-0-2014-0063)
Vulnerability from cvelistv5
Published
2014-03-28 17:00
Modified
2024-08-06 09:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T09:05:37.941Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2014:0211", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html" }, { "name": "RHSA-2014:0221", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/postgres/postgres/commit/4318daecc959886d001a6e79c6ea853e8b1dfb4b" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6448" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065226" }, { "name": "RHSA-2014:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.postgresql.org/wiki/20140220securityrelease" }, { "name": "DSA-2864", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2864" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.postgresql.org/support/security/" }, { "name": "RHSA-2014:0249", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.postgresql.org/about/news/1506/" }, { "name": "USN-2120-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2120-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "DSA-2865", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2865" }, { "name": "65719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/65719" }, { "name": "openSUSE-SU-2014:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "openSUSE-SU-2014:0368", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" }, { "name": "61307", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61307" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-02-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-15T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2014:0211", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html" }, { "name": "RHSA-2014:0221", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/postgres/postgres/commit/4318daecc959886d001a6e79c6ea853e8b1dfb4b" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6448" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065226" }, { "name": "RHSA-2014:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.postgresql.org/wiki/20140220securityrelease" }, { "name": "DSA-2864", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2864" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.postgresql.org/support/security/" }, { "name": "RHSA-2014:0249", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.postgresql.org/about/news/1506/" }, { "name": "USN-2120-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2120-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "DSA-2865", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2865" }, { "name": "65719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/65719" }, { "name": "openSUSE-SU-2014:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "openSUSE-SU-2014:0368", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" }, { "name": "61307", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61307" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0063", "datePublished": "2014-03-28T17:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T09:05:37.941Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-3537 (GCVE-0-2014-3537)
Vulnerability from cvelistv5
Published
2014-07-23 14:00
Modified
2024-08-06 10:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T10:50:16.895Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2014-8351", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135528.html" }, { "name": "60273", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60273" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cups.org/blog.php?L724" }, { "name": "RHSA-2014:1388", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html" }, { "name": "USN-2293-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2293-1" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "68788", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/68788" }, { "name": "60787", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60787" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cups.org/str.php?L4450" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1115576" }, { "name": "59945", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59945" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "1030611", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030611" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2014-0313.html" }, { "name": "MDVSA-2015:108", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-04T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "FEDORA-2014-8351", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135528.html" }, { "name": "60273", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60273" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cups.org/blog.php?L724" }, { "name": "RHSA-2014:1388", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html" }, { "name": "USN-2293-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2293-1" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "68788", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/68788" }, { "name": "60787", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60787" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cups.org/str.php?L4450" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1115576" }, { "name": "59945", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59945" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "1030611", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030611" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2014-0313.html" }, { "name": "MDVSA-2015:108", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-3537", "datePublished": "2014-07-23T14:00:00", "dateReserved": "2014-05-14T00:00:00", "dateUpdated": "2024-08-06T10:50:16.895Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4375 (GCVE-0-2014-4375)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.153Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "appleios-cve20144375-code-exec(96090)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96090" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "69944", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69944" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "appleios-cve20144375-code-exec(96090)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96090" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "69944", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69944" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4375", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "appleios-cve20144375-code-exec(96090)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96090" }, { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "69944", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69944" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4375", "datePublished": "2014-09-18T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.153Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4425 (GCVE-0-2014-4425)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CFPreferences in Apple OS X before 10.10 does not properly enforce the "require password after sleep or screen saver begins" setting, which makes it easier for physically proximate attackers to obtain access by leveraging an unattended workstation.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.689Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "macosx-cve20144425-sec-bypass(97640)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97640" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "name": "70630", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70630" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "CFPreferences in Apple OS X before 10.10 does not properly enforce the \"require password after sleep or screen saver begins\" setting, which makes it easier for physically proximate attackers to obtain access by leveraging an unattended workstation." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "macosx-cve20144425-sec-bypass(97640)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97640" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "name": "70630", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70630" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4425", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CFPreferences in Apple OS X before 10.10 does not properly enforce the \"require password after sleep or screen saver begins\" setting, which makes it easier for physically proximate attackers to obtain access by leveraging an unattended workstation." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "macosx-cve20144425-sec-bypass(97640)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97640" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "70630", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70630" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4425", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.689Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-3566 (GCVE-0-2014-3566)
Vulnerability from cvelistv5
Published
2014-10-15 00:00
Modified
2024-11-27 19:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-11-27T19:31:57.733Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://templatelab.com/ssl-poodle/" }, { "name": "HPSBOV03227", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc" }, { "name": "1031090", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031090" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/" }, { "name": "RHSA-2014:1880", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html" }, { "name": "HPSBHF03300", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635" }, { "name": "VU#577193", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/577193" }, { "name": "HPSBMU03184", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577087123040\u0026w=2" }, { "name": "HPSBGN03209", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141715130023061\u0026w=2" }, { "name": "openSUSE-SU-2014:1331", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6542" }, { "name": "1031106", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031106" }, { "name": "HPSBGN03201", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141697638231025\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "[openssl-dev] 20141014 Patch to mitigate CVE-2014-3566 (\"POODLE\")", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=openssl-dev\u0026m=141333049205629\u0026w=2" }, { "name": "SSRT101898", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2" }, { "name": "SSRT101896", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2" }, { "name": "60056", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60056" }, { "name": "RHSA-2014:1877", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html" }, { "name": "HPSBUX03162", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2" }, { "name": "61130", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61130" }, { "name": "RHSA-2015:1546", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html" }, { "name": "SUSE-SU-2015:0503", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6529" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.openssl.org/news/secadv_20141015.txt" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0" }, { "name": "RHSA-2014:1920", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1920.html" }, { "name": "1031087", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031087" }, { "name": "HPSBMU03234", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=143628269912142\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bto.bluecoat.com/security-advisory/sa83" }, { "name": "SSRT101849", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.citrix.com/article/CTX200238" }, { "name": "61359", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61359" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6541" }, { "name": "1031093", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031093" }, { "name": "1031132", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031132" }, { "name": "DSA-3144", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3144" }, { "name": "SSRT101790", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2" }, { "name": "DSA-3253", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3253" }, { "name": "SSRT101846", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.suse.com/support/kb/doc.php?id=7015773" }, { "name": "APPLE-SA-2014-10-16-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.elastic.co/blog/logstash-1-4-3-released" }, { "name": "SSRT101854", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946" }, { "name": "HPSBST03195", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2" }, { "name": "61827", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61827" }, { "name": "HPSBMU03152", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141450452204552\u0026w=2" }, { "name": "RHSA-2015:0079", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283" }, { "name": "HPSBMU03304", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://technet.microsoft.com/library/security/3009008.aspx" }, { "name": "RHSA-2015:1545", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165" }, { "name": "HPSBMU03259", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2" }, { "name": "1031094", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031094" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html" }, { "name": "61316", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61316" }, { "name": "GLSA-201606-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201606-11" }, { "name": "RHSA-2014:1881", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.imperialviolet.org/2014/10/14/poodle.html" }, { "name": "1031096", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031096" }, { "name": "HPSBHF03275", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2" }, { "name": "61810", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61810" }, { "name": "HPSBHF03293", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2" }, { "name": "DSA-3053", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-3053" }, { "name": "HPSBGN03237", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.lenovo.com/us/en/product_security/poodle" }, { "name": "1031107", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031107" }, { "name": "1031095", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031095" }, { "name": "HPSBMU03223", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2" }, { "name": "SUSE-SU-2014:1549", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html" }, { "name": "HPSBGN03305", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142962817202793\u0026w=2" }, { "name": "HPSBUX03194", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2" }, { "name": "SSRT101868", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "1031091", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031091" }, { "name": "HPSBMU03260", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2" }, { "name": "1031123", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031123" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205217" }, { "name": "1031092", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031092" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" }, { "name": "SUSE-SU-2015:0376", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html" }, { "name": "61926", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61926" }, { "name": "RHSA-2014:1876", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html" }, { "name": "SSRT101779", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html" }, { "name": "HPSBHF03156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141450973807288\u0026w=2" }, { "name": "openSUSE-SU-2016:0640", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "name": "SSRT101838", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2" }, { "name": "HPSBGN03569", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=145983526810210\u0026w=2" }, { "name": "APPLE-SA-2015-09-16-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6531" }, { "name": "SUSE-SU-2014:1357", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip" }, { "name": "RHSA-2015:0264", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6527" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "name": "SSRT101897", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2" }, { "name": "HPSBGN03203", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141697676231104\u0026w=2" }, { "name": "60206", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60206" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789" }, { "name": "60792", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60792" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "DSA-3489", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3489" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20141015-0001/" }, { "name": "1031105", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031105" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html" }, { "name": "FEDORA-2014-13069", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html" }, { "name": "1031131", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031131" }, { "name": "HPSBMU03221", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2" }, { "name": "USN-2487-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2487-1" }, { "name": "SSRT101795", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2" }, { "name": "HPSBGN03222", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141813976718456\u0026w=2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html" }, { "name": "1031130", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031130" }, { "name": "HPSBMU03301", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2" }, { "name": "HPSBGN03164", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577350823734\u0026w=2" }, { "name": "RHSA-2014:1948", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1948.html" }, { "name": "NetBSD-SA2014-015", "tags": [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc" }, { "name": "HPSBGN03192", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141620103726640\u0026w=2" }, { "name": "RHSA-2014:1653", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html" }, { "name": "SUSE-SU-2015:0392", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html" }, { "name": "HPSBMU03416", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=144101915224472\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/HT204244" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx" }, { "name": "HPSBMU03283", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2" }, { "name": "RHSA-2015:0085", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "FEDORA-2014-12951", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html" }, { "name": "HPSBGN03191", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU" }, { "name": "SSRT101767", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2" }, { "name": "SUSE-SU-2014:1526", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html" }, { "name": "HPSBGN03332", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=143290371927178\u0026w=2" }, { "name": "RHSA-2014:1652", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02" }, { "name": "SUSE-SU-2015:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html" }, { "name": "HPSBST03265", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2" }, { "name": "RHSA-2015:0086", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html" }, { "name": "HPSBMU03241", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2" }, { "name": "1031124", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031124" }, { "name": "SUSE-SU-2015:0578", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html" }, { "name": "SUSE-SU-2015:0336", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html" }, { "name": "RHSA-2015:0080", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html" }, { "name": "HPSBMU03294", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2" }, { "name": "RHSA-2014:1882", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html" }, { "name": "RHSA-2015:0068", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html" }, { "name": "HPSBGN03251", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2" }, { "name": "USN-2486-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2486-1" }, { "name": "HPSBGN03391", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=144294141001552\u0026w=2" }, { "name": "59627", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59627" }, { "name": "HPSBGN03208", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2" }, { "name": "SSRT101894", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2" }, { "name": "HPSBMU03214", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141694355519663\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" }, { "name": "HPSBMU03263", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2" }, { "name": "HPSBGN03254", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.lenovo.com/product_security/poodle" }, { "name": "20141014 SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle" }, { "name": "HPSBGN03205", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141775427104070\u0026w=2" }, { "name": "RHSA-2015:0698", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "name": "SUSE-SU-2014:1361", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://downloads.asterisk.org/pub/security/AST-2014-011.html" }, { "name": "60859", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60859" }, { "name": "APPLE-SA-2014-10-20-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/533746" }, { "name": "GLSA-201507-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201507-14" }, { "name": "SSRT101921", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2" }, { "name": "SSRT101951", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm" }, { "name": "61345", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61345" }, { "name": "SSRT101834", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2" }, { "name": "61019", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61019" }, { "name": "70574", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70574" }, { "name": "1031120", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031120" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" }, { "name": "61825", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61825" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2014-0416.html" }, { "name": "1031029", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031029" }, { "name": "HPSBUX03281", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581" }, { "name": "HPSBMU03262", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2" }, { "name": "HPSBMU03267", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681" }, { "name": "HPSBMU03261", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2" }, { "name": "SUSE-SU-2016:1459", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "61782", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61782" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://access.redhat.com/articles/1232123" }, { "name": "MDVSA-2015:062", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" }, { "name": "FEDORA-2015-9110", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html" }, { "name": "1031085", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031085" }, { "name": "HPSBST03418", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=144251162130364\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "name": "SSRT101892", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2" }, { "name": "APPLE-SA-2014-10-20-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/533747" }, { "name": "HPSBGN03233", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "SSRT101916", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/mpgn/poodle-PoC" }, { "name": "MDVSA-2014:203", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203" }, { "name": "SSRT101739", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "SSRT101968", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.citrix.com/article/CTX216642" }, { "name": "SSRT101899", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability" }, { "name": "openSUSE-SU-2015:0190", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html" }, { "name": "APPLE-SA-2015-01-27-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" }, { "name": "61303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61303" }, { "name": "HPSBGN03252", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2" }, { "name": "HPSBUX03273", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299" }, { "name": "1031039", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031039" }, { "name": "SUSE-SU-2016:1457", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172" }, { "name": "SSRT101998", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2" }, { "name": "SUSE-SU-2015:0344", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html" }, { "name": "SSRT101922", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067" }, { "name": "1031089", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031089" }, { "name": "HPSBGN03253", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2" }, { "name": "HPSBMU03183", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141628688425177\u0026w=2" }, { "name": "TA14-290A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/ncas/alerts/TA14-290A" }, { "name": "FEDORA-2014-13012", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html" }, { "name": "61819", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61819" }, { "name": "HPSBGN03255", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2" }, { "name": "1031088", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031088" }, { "name": "DSA-3147", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3147" }, { "name": "61995", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61995" }, { "name": "HPSBGN03202", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141703183219781\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10090" }, { "name": "SSRT101928", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2" }, { "name": "1031086", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031086" }, { "name": "HPSBPI03360", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=143558192010071\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "name": "RHSA-2014:1692", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html" }, { "name": "FEDORA-2015-9090", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.openssl.org/~bodo/ssl-poodle.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439" }, { "name": "HPSBPI03107", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=143558137709884\u0026w=2" }, { "name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7" } ], "title": "CVE Program Container", "x_generator": { "engine": "ADPogram 0.0.1" } } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-14T00:00:00", "descriptions": [ { "lang": "en", "value": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-11-05T16:29:26", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "HPSBOV03227", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc" }, { "name": "1031090", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031090" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/" }, { "name": "RHSA-2014:1880", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html" }, { "name": "HPSBHF03300", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635" }, { "name": "VU#577193", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/577193" }, { "name": "HPSBMU03184", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577087123040\u0026w=2" }, { "name": "HPSBGN03209", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141715130023061\u0026w=2" }, { "name": "openSUSE-SU-2014:1331", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6542" }, { "name": "1031106", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031106" }, { "name": "HPSBGN03201", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141697638231025\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "[openssl-dev] 20141014 Patch to mitigate CVE-2014-3566 (\"POODLE\")", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=openssl-dev\u0026m=141333049205629\u0026w=2" }, { "name": "SSRT101898", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2" }, { "name": "SSRT101896", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2" }, { "name": "60056", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60056" }, { "name": "RHSA-2014:1877", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html" }, { "name": "HPSBUX03162", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2" }, { "name": "61130", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61130" }, { "name": "RHSA-2015:1546", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html" }, { "name": "SUSE-SU-2015:0503", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6529" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.openssl.org/news/secadv_20141015.txt" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0" }, { "name": "RHSA-2014:1920", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1920.html" }, { "name": "1031087", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031087" }, { "name": "HPSBMU03234", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=143628269912142\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bto.bluecoat.com/security-advisory/sa83" }, { "name": "SSRT101849", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.citrix.com/article/CTX200238" }, { "name": "61359", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61359" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6541" }, { "name": "1031093", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031093" }, { "name": "1031132", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031132" }, { "name": "DSA-3144", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3144" }, { "name": "SSRT101790", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2" }, { "name": "DSA-3253", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3253" }, { "name": "SSRT101846", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.suse.com/support/kb/doc.php?id=7015773" }, { "name": "APPLE-SA-2014-10-16-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.elastic.co/blog/logstash-1-4-3-released" }, { "name": "SSRT101854", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946" }, { "name": "HPSBST03195", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2" }, { "name": "61827", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61827" }, { "name": "HPSBMU03152", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141450452204552\u0026w=2" }, { "name": "RHSA-2015:0079", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283" }, { "name": "HPSBMU03304", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://technet.microsoft.com/library/security/3009008.aspx" }, { "name": "RHSA-2015:1545", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165" }, { "name": "HPSBMU03259", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2" }, { "name": "1031094", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031094" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html" }, { "name": "61316", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61316" }, { "name": "GLSA-201606-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201606-11" }, { "name": "RHSA-2014:1881", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.imperialviolet.org/2014/10/14/poodle.html" }, { "name": "1031096", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031096" }, { "name": "HPSBHF03275", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2" }, { "name": "61810", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61810" }, { "name": "HPSBHF03293", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2" }, { "name": "DSA-3053", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-3053" }, { "name": "HPSBGN03237", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.lenovo.com/us/en/product_security/poodle" }, { "name": "1031107", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031107" }, { "name": "1031095", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031095" }, { "name": "HPSBMU03223", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2" }, { "name": "SUSE-SU-2014:1549", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html" }, { "name": "HPSBGN03305", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142962817202793\u0026w=2" }, { "name": "HPSBUX03194", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2" }, { "name": "SSRT101868", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "1031091", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031091" }, { "name": "HPSBMU03260", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2" }, { "name": "1031123", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031123" }, { "tags": [ "x_refsource_MISC" ], "url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205217" }, { "name": "1031092", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031092" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" }, { "name": "SUSE-SU-2015:0376", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html" }, { "name": "61926", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61926" }, { "name": "RHSA-2014:1876", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html" }, { "name": "SSRT101779", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html" }, { "name": "HPSBHF03156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141450973807288\u0026w=2" }, { "name": "openSUSE-SU-2016:0640", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "name": "SSRT101838", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2" }, { "name": "HPSBGN03569", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=145983526810210\u0026w=2" }, { "name": "APPLE-SA-2015-09-16-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6531" }, { "name": "SUSE-SU-2014:1357", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip" }, { "name": "RHSA-2015:0264", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6527" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "name": "SSRT101897", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2" }, { "name": "HPSBGN03203", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141697676231104\u0026w=2" }, { "name": "60206", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60206" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789" }, { "name": "60792", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60792" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "DSA-3489", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3489" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20141015-0001/" }, { "name": "1031105", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031105" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html" }, { "name": "FEDORA-2014-13069", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html" }, { "name": "1031131", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031131" }, { "name": "HPSBMU03221", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2" }, { "name": "USN-2487-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2487-1" }, { "name": "SSRT101795", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2" }, { "name": "HPSBGN03222", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141813976718456\u0026w=2" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html" }, { "name": "1031130", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031130" }, { "name": "HPSBMU03301", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2" }, { "name": "HPSBGN03164", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577350823734\u0026w=2" }, { "name": "RHSA-2014:1948", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1948.html" }, { "name": "NetBSD-SA2014-015", "tags": [ "vendor-advisory", "x_refsource_NETBSD" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc" }, { "name": "HPSBGN03192", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141620103726640\u0026w=2" }, { "name": "RHSA-2014:1653", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html" }, { "name": "SUSE-SU-2015:0392", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html" }, { "name": "HPSBMU03416", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=144101915224472\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/HT204244" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx" }, { "name": "HPSBMU03283", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2" }, { "name": "RHSA-2015:0085", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "FEDORA-2014-12951", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html" }, { "name": "HPSBGN03191", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU" }, { "name": "SSRT101767", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2" }, { "name": "SUSE-SU-2014:1526", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html" }, { "name": "HPSBGN03332", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=143290371927178\u0026w=2" }, { "name": "RHSA-2014:1652", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "tags": [ "x_refsource_MISC" ], "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02" }, { "name": "SUSE-SU-2015:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html" }, { "name": "HPSBST03265", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2" }, { "name": "RHSA-2015:0086", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html" }, { "name": "HPSBMU03241", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2" }, { "name": "1031124", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031124" }, { "name": "SUSE-SU-2015:0578", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html" }, { "name": "SUSE-SU-2015:0336", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html" }, { "name": "RHSA-2015:0080", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html" }, { "name": "HPSBMU03294", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2" }, { "name": "RHSA-2014:1882", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html" }, { "name": "RHSA-2015:0068", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html" }, { "name": "HPSBGN03251", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2" }, { "name": "USN-2486-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2486-1" }, { "name": "HPSBGN03391", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=144294141001552\u0026w=2" }, { "name": "59627", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59627" }, { "name": "HPSBGN03208", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2" }, { "name": "SSRT101894", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2" }, { "name": "HPSBMU03214", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141694355519663\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" }, { "name": "HPSBMU03263", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2" }, { "name": "HPSBGN03254", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.lenovo.com/product_security/poodle" }, { "name": "20141014 SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle" }, { "name": "HPSBGN03205", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141775427104070\u0026w=2" }, { "name": "RHSA-2015:0698", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "name": "SUSE-SU-2014:1361", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://downloads.asterisk.org/pub/security/AST-2014-011.html" }, { "name": "60859", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60859" }, { "name": "APPLE-SA-2014-10-20-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://www.securityfocus.com/archive/1/533746" }, { "name": "GLSA-201507-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201507-14" }, { "name": "SSRT101921", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2" }, { "name": "SSRT101951", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm" }, { "name": "61345", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61345" }, { "name": "SSRT101834", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2" }, { "name": "61019", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61019" }, { "name": "70574", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70574" }, { "name": "1031120", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031120" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" }, { "name": "61825", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61825" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2014-0416.html" }, { "name": "1031029", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031029" }, { "name": "HPSBUX03281", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581" }, { "name": "HPSBMU03262", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2" }, { "name": "HPSBMU03267", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681" }, { "name": "HPSBMU03261", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2" }, { "name": "SUSE-SU-2016:1459", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "61782", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61782" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://access.redhat.com/articles/1232123" }, { "name": "MDVSA-2015:062", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" }, { "name": "FEDORA-2015-9110", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html" }, { "name": "1031085", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031085" }, { "name": "HPSBST03418", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=144251162130364\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "name": "SSRT101892", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2" }, { "name": "APPLE-SA-2014-10-20-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://www.securityfocus.com/archive/1/533747" }, { "name": "HPSBGN03233", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "SSRT101916", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/mpgn/poodle-PoC" }, { "name": "MDVSA-2014:203", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203" }, { "name": "SSRT101739", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "SSRT101968", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2" }, { "tags": [ "x_refsource_MISC" ], "url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.citrix.com/article/CTX216642" }, { "name": "SSRT101899", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability" }, { "name": "openSUSE-SU-2015:0190", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html" }, { "name": "APPLE-SA-2015-01-27-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" }, { "name": "61303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61303" }, { "name": "HPSBGN03252", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2" }, { "name": "HPSBUX03273", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299" }, { "name": "1031039", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031039" }, { "name": "SUSE-SU-2016:1457", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172" }, { "name": "SSRT101998", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2" }, { "name": "SUSE-SU-2015:0344", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html" }, { "name": "SSRT101922", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067" }, { "name": "1031089", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031089" }, { "name": "HPSBGN03253", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2" }, { "name": "HPSBMU03183", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141628688425177\u0026w=2" }, { "name": "TA14-290A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/ncas/alerts/TA14-290A" }, { "name": "FEDORA-2014-13012", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html" }, { "name": "61819", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61819" }, { "name": "HPSBGN03255", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2" }, { "name": "1031088", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031088" }, { "name": "DSA-3147", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3147" }, { "name": "61995", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61995" }, { "name": "HPSBGN03202", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141703183219781\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10090" }, { "name": "SSRT101928", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2" }, { "name": "1031086", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031086" }, { "name": "HPSBPI03360", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=143558192010071\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "name": "RHSA-2014:1692", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html" }, { "name": "FEDORA-2015-9090", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.openssl.org/~bodo/ssl-poodle.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439" }, { "name": "HPSBPI03107", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=143558137709884\u0026w=2" }, { "name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-3566", "datePublished": "2014-10-15T00:00:00", "dateReserved": "2014-05-14T00:00:00", "dateUpdated": "2024-11-27T19:31:57.733Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4432 (GCVE-0-2014-4432)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
fdesetup in Apple OS X before 10.10 does not properly display the encryption status in between a setting-update action and a reboot action, which might make it easier for physically proximate attackers to obtain cleartext data by leveraging ignorance of the reboot requirement.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.567Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "70632", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70632" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144432-sec-bypass(97637)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97637" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "fdesetup in Apple OS X before 10.10 does not properly display the encryption status in between a setting-update action and a reboot action, which might make it easier for physically proximate attackers to obtain cleartext data by leveraging ignorance of the reboot requirement." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "70632", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70632" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144432-sec-bypass(97637)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97637" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4432", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "fdesetup in Apple OS X before 10.10 does not properly display the encryption status in between a setting-update action and a reboot action, which might make it easier for physically proximate attackers to obtain cleartext data by leveraging ignorance of the reboot requirement." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "70632", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70632" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144432-sec-bypass(97637)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97637" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4432", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.567Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4433 (GCVE-0-2014-4433)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the kernel in Apple OS X before 10.10 allows physically proximate attackers to execute arbitrary code via crafted resource forks in an HFS filesystem.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.577Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "70620", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70620" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144433-bo(97634)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97634" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the kernel in Apple OS X before 10.10 allows physically proximate attackers to execute arbitrary code via crafted resource forks in an HFS filesystem." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "70620", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70620" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144433-bo(97634)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97634" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4433", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in the kernel in Apple OS X before 10.10 allows physically proximate attackers to execute arbitrary code via crafted resource forks in an HFS filesystem." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "70620", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70620" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144433-bo(97634)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97634" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4433", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.577Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4442 (GCVE-0-2014-4442)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in Apple OS X before 10.10 allows local users to cause a denial of service (panic) via a message to a system control socket.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.579Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "70624", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70624" }, { "name": "macosx-cve20144442-dos(97632)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97632" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The kernel in Apple OS X before 10.10 allows local users to cause a denial of service (panic) via a message to a system control socket." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "70624", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70624" }, { "name": "macosx-cve20144442-dos(97632)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97632" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4442", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The kernel in Apple OS X before 10.10 allows local users to cause a denial of service (panic) via a message to a system control socket." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "70624", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70624" }, { "name": "macosx-cve20144442-dos(97632)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97632" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4442", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.579Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-0064 (GCVE-0-2014-0064)
Vulnerability from cvelistv5
Published
2014-03-28 17:00
Modified
2024-08-06 09:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T09:05:38.350Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2014:0211", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html" }, { "name": "RHSA-2014:0221", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "RHSA-2014:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.postgresql.org/wiki/20140220securityrelease" }, { "name": "DSA-2864", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2864" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.postgresql.org/support/security/" }, { "name": "RHSA-2014:0249", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.postgresql.org/about/news/1506/" }, { "name": "USN-2120-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2120-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "DSA-2865", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2865" }, { "name": "65725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/65725" }, { "name": "openSUSE-SU-2014:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "openSUSE-SU-2014:0368", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065230" }, { "name": "61307", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61307" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-02-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-15T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2014:0211", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html" }, { "name": "RHSA-2014:0221", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "RHSA-2014:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.postgresql.org/wiki/20140220securityrelease" }, { "name": "DSA-2864", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2864" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.postgresql.org/support/security/" }, { "name": "RHSA-2014:0249", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.postgresql.org/about/news/1506/" }, { "name": "USN-2120-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2120-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "DSA-2865", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2865" }, { "name": "65725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/65725" }, { "name": "openSUSE-SU-2014:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "openSUSE-SU-2014:0368", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065230" }, { "name": "61307", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61307" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0064", "datePublished": "2014-03-28T17:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T09:05:38.350Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4438 (GCVE-0-2014-4438)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Race condition in LoginWindow in Apple OS X before 10.10 allows physically proximate attackers to obtain access by leveraging an unattended workstation on which screen locking had been attempted.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.615Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "70622", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70622" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144438-sec-bypass(97630)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97630" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Race condition in LoginWindow in Apple OS X before 10.10 allows physically proximate attackers to obtain access by leveraging an unattended workstation on which screen locking had been attempted." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "70622", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70622" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144438-sec-bypass(97630)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97630" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4438", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Race condition in LoginWindow in Apple OS X before 10.10 allows physically proximate attackers to obtain access by leveraging an unattended workstation on which screen locking had been attempted." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "70622", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70622" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144438-sec-bypass(97630)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97630" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4438", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.615Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-0591 (GCVE-0-2014-0591)
Vulnerability from cvelistv5
Published
2014-01-14 02:00
Modified
2024-08-06 09:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T09:20:19.832Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1029589", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1029589" }, { "name": "RHSA-2014:0043", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0043.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051717" }, { "name": "DSA-3023", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-3023" }, { "name": "MDVSA-2014:002", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:002" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "56574", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/56574" }, { "name": "openSUSE-SU-2014:0199", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00016.html" }, { "name": "56522", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/56522" }, { "name": "FEDORA-2014-0858", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126761.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://linux.oracle.com/errata/ELSA-2014-1244" }, { "name": "56442", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/56442" }, { "name": "SSA:2014-028-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.524465" }, { "name": "61199", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61199" }, { "name": "SUSE-SU-2015:0480", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html" }, { "name": "HPSBUX02961", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=138995561732658\u0026w=2" }, { "name": "56427", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/56427" }, { "name": "56871", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/56871" }, { "name": "SSA:2014-175-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.518391" }, { "name": "openSUSE-SU-2014:0202", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00019.html" }, { "name": "56425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/56425" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.isc.org/article/AA-01085" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "56493", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/56493" }, { "name": "FEDORA-2014-0811", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126772.html" }, { "name": "FreeBSD-SA-14:04", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:04.bind.asc" }, { "name": "SSRT101420", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=138995561732658\u0026w=2" }, { "name": "101973", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/101973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.isc.org/article/AA-01078" }, { "name": "61343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61343" }, { "name": "61117", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61117" }, { "name": "64801", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/64801" }, { "name": "USN-2081-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2081-1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-01-13T00:00:00", "descriptions": [ { "lang": "en", "value": "The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-02T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1029589", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1029589" }, { "name": "RHSA-2014:0043", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0043.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051717" }, { "name": "DSA-3023", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-3023" }, { "name": "MDVSA-2014:002", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:002" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "56574", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/56574" }, { "name": "openSUSE-SU-2014:0199", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00016.html" }, { "name": "56522", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/56522" }, { "name": "FEDORA-2014-0858", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126761.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://linux.oracle.com/errata/ELSA-2014-1244" }, { "name": "56442", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/56442" }, { "name": "SSA:2014-028-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.524465" }, { "name": "61199", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61199" }, { "name": "SUSE-SU-2015:0480", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html" }, { "name": "HPSBUX02961", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=138995561732658\u0026w=2" }, { "name": "56427", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/56427" }, { "name": "56871", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/56871" }, { "name": "SSA:2014-175-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.518391" }, { "name": "openSUSE-SU-2014:0202", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00019.html" }, { "name": "56425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/56425" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.isc.org/article/AA-01085" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "56493", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/56493" }, { "name": "FEDORA-2014-0811", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126772.html" }, { "name": "FreeBSD-SA-14:04", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:04.bind.asc" }, { "name": "SSRT101420", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=138995561732658\u0026w=2" }, { "name": "101973", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/101973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.isc.org/article/AA-01078" }, { "name": "61343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61343" }, { "name": "61117", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61117" }, { "name": "64801", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/64801" }, { "name": "USN-2081-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2081-1" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-0591", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1029589", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1029589" }, { "name": "RHSA-2014:0043", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0043.html" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1051717", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051717" }, { "name": "DSA-3023", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-3023" }, { "name": "MDVSA-2014:002", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:002" }, { "name": "APPLE-SA-2014-10-16-3", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "56574", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56574" }, { "name": "openSUSE-SU-2014:0199", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00016.html" }, { "name": "56522", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56522" }, { "name": "FEDORA-2014-0858", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126761.html" }, { "name": "http://linux.oracle.com/errata/ELSA-2014-1244", "refsource": "CONFIRM", "url": "http://linux.oracle.com/errata/ELSA-2014-1244" }, { "name": "56442", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56442" }, { "name": "SSA:2014-028-01", "refsource": "SLACKWARE", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.524465" }, { "name": "61199", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61199" }, { "name": "SUSE-SU-2015:0480", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html" }, { "name": "HPSBUX02961", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=138995561732658\u0026w=2" }, { "name": "56427", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56427" }, { "name": "56871", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56871" }, { "name": "SSA:2014-175-01", "refsource": "SLACKWARE", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.518391" }, { "name": "openSUSE-SU-2014:0202", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00019.html" }, { "name": "56425", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56425" }, { "name": "https://kb.isc.org/article/AA-01085", "refsource": "CONFIRM", "url": "https://kb.isc.org/article/AA-01085" }, { "name": "https://support.apple.com/kb/HT6536", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6536" }, { "name": "56493", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56493" }, { "name": "FEDORA-2014-0811", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126772.html" }, { "name": "FreeBSD-SA-14:04", "refsource": "FREEBSD", "url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:04.bind.asc" }, { "name": "SSRT101420", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=138995561732658\u0026w=2" }, { "name": "101973", "refsource": "OSVDB", "url": "http://osvdb.org/101973" }, { "name": "https://kb.isc.org/article/AA-01078", "refsource": "CONFIRM", "url": "https://kb.isc.org/article/AA-01078" }, { "name": "61343", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61343" }, { "name": "61117", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61117" }, { "name": "64801", "refsource": "BID", "url": "http://www.securityfocus.com/bid/64801" }, { "name": "USN-2081-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2081-1" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-0591", "datePublished": "2014-01-14T02:00:00", "dateReserved": "2013-12-27T00:00:00", "dateUpdated": "2024-08-06T09:20:19.832Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4388 (GCVE-0-2014-4388)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4418.
References
URL | Tags | ||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.616Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6443" }, { "name": "appleios-cve20144388-code-exec(96093)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96093" }, { "name": "69948", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69948" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4418." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6443" }, { "name": "appleios-cve20144388-code-exec(96093)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96093" }, { "name": "69948", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69948" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4388", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4418." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "http://support.apple.com/kb/HT6443", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6443" }, { "name": "appleios-cve20144388-code-exec(96093)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96093" }, { "name": "69948", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69948" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4388", "datePublished": "2014-09-18T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.616Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2013-6393 (GCVE-0-2013-6393)
Vulnerability from cvelistv5
Published
2014-02-06 22:00
Modified
2024-08-06 17:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T17:39:01.258Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2014:0273", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00065.html" }, { "name": "DSA-2870", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2870" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1033990" }, { "name": "APPLE-SA-2014-04-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html" }, { "name": "102716", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/102716" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/attachment.cgi?id=847926\u0026action=diff" }, { "name": "MDVSA-2015:060", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:060" }, { "name": "65258", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/65258" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2014-0040.html" }, { "name": "openSUSE-SU-2015:0319", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html" }, { "name": "RHSA-2014:0355", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0355.html" }, { "name": "openSUSE-SU-2014:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00064.html" }, { "name": "RHSA-2014:0354", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0354.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "openSUSE-SU-2016:1067", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-04/msg00050.html" }, { "name": "DSA-2850", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2850" }, { "name": "RHSA-2014:0353", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0353.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bitbucket.org/xi/libyaml/commits/tag/0.1.5" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://puppet.com/security/cve/cve-2013-6393" }, { "name": "USN-2098-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2098-1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-11-24T00:00:00", "descriptions": [ { "lang": "en", "value": "The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-08T10:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "openSUSE-SU-2014:0273", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00065.html" }, { "name": "DSA-2870", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2870" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1033990" }, { "name": "APPLE-SA-2014-04-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html" }, { "name": "102716", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/102716" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/attachment.cgi?id=847926\u0026action=diff" }, { "name": "MDVSA-2015:060", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:060" }, { "name": "65258", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/65258" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2014-0040.html" }, { "name": "openSUSE-SU-2015:0319", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html" }, { "name": "RHSA-2014:0355", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0355.html" }, { "name": "openSUSE-SU-2014:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00064.html" }, { "name": "RHSA-2014:0354", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0354.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "openSUSE-SU-2016:1067", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-04/msg00050.html" }, { "name": "DSA-2850", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2850" }, { "name": "RHSA-2014:0353", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0353.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bitbucket.org/xi/libyaml/commits/tag/0.1.5" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://puppet.com/security/cve/cve-2013-6393" }, { "name": "USN-2098-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2098-1" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-6393", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2014:0273", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00065.html" }, { "name": "DSA-2870", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2870" }, { "name": "APPLE-SA-2014-10-16-3", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1033990", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1033990" }, { "name": "APPLE-SA-2014-04-22-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html" }, { "name": "102716", "refsource": "OSVDB", "url": "http://osvdb.org/102716" }, { "name": "https://bugzilla.redhat.com/attachment.cgi?id=847926\u0026action=diff", "refsource": "MISC", "url": "https://bugzilla.redhat.com/attachment.cgi?id=847926\u0026action=diff" }, { "name": "MDVSA-2015:060", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:060" }, { "name": "65258", "refsource": "BID", "url": "http://www.securityfocus.com/bid/65258" }, { "name": "http://advisories.mageia.org/MGASA-2014-0040.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2014-0040.html" }, { "name": "openSUSE-SU-2015:0319", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html" }, { "name": "RHSA-2014:0355", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0355.html" }, { "name": "openSUSE-SU-2014:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00064.html" }, { "name": "RHSA-2014:0354", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0354.html" }, { "name": "https://support.apple.com/kb/HT6536", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6536" }, { "name": "openSUSE-SU-2016:1067", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-04/msg00050.html" }, { "name": "DSA-2850", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2850" }, { "name": "RHSA-2014:0353", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0353.html" }, { "name": "https://bitbucket.org/xi/libyaml/commits/tag/0.1.5", "refsource": "CONFIRM", "url": "https://bitbucket.org/xi/libyaml/commits/tag/0.1.5" }, { "name": "https://puppet.com/security/cve/cve-2013-6393", "refsource": "CONFIRM", "url": "https://puppet.com/security/cve/cve-2013-6393" }, { "name": "USN-2098-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2098-1" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-6393", "datePublished": "2014-02-06T22:00:00", "dateReserved": "2013-11-04T00:00:00", "dateUpdated": "2024-08-06T17:39:01.258Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-0060 (GCVE-0-2014-0060)
Vulnerability from cvelistv5
Published
2014-03-28 17:00
Modified
2024-08-06 09:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T09:05:38.375Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2014:0211", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html" }, { "name": "RHSA-2014:0221", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "RHSA-2014:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.postgresql.org/wiki/20140220securityrelease" }, { "name": "DSA-2864", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2864" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "RHSA-2014:0249", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.postgresql.org/about/news/1506/" }, { "name": "USN-2120-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2120-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "DSA-2865", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2865" }, { "name": "openSUSE-SU-2014:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "openSUSE-SU-2014:0368", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" }, { "name": "61307", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61307" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://puppet.com/security/cve/cve-2014-0060" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-02-20T00:00:00", "descriptions": [ { "lang": "en", "value": "PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-15T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2014:0211", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html" }, { "name": "RHSA-2014:0221", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "RHSA-2014:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.postgresql.org/wiki/20140220securityrelease" }, { "name": "DSA-2864", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2864" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "RHSA-2014:0249", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.postgresql.org/about/news/1506/" }, { "name": "USN-2120-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2120-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "DSA-2865", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2865" }, { "name": "openSUSE-SU-2014:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "openSUSE-SU-2014:0368", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" }, { "name": "61307", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61307" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://puppet.com/security/cve/cve-2014-0060" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0060", "datePublished": "2014-03-28T17:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T09:05:38.375Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4426 (GCVE-0-2014-4426)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
AFP File Server in Apple OS X before 10.10 allows remote attackers to discover the network addresses of all interfaces via an unspecified command to one interface.
References
URL | Tags | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.578Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "macosx-cve20144426-info-disc(97643)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97643" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/HT204244" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "70623", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70623" }, { "name": "APPLE-SA-2015-01-27-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "AFP File Server in Apple OS X before 10.10 allows remote attackers to discover the network addresses of all interfaces via an unspecified command to one interface." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "macosx-cve20144426-info-disc(97643)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97643" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/HT204244" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "70623", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70623" }, { "name": "APPLE-SA-2015-01-27-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4426", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "AFP File Server in Apple OS X before 10.10 allows remote attackers to discover the network addresses of all interfaces via an unspecified command to one interface." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "macosx-cve20144426-info-disc(97643)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97643" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "http://support.apple.com/HT204244", "refsource": "CONFIRM", "url": "http://support.apple.com/HT204244" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "70623", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70623" }, { "name": "APPLE-SA-2015-01-27-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4426", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.578Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4439 (GCVE-0-2014-4439)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mail in Apple OS X before 10.10 does not properly recognize the removal of a recipient address from a message, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading a message intended exclusively for other recipients.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.694Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "macosx-cve20144439-info-disc(97629)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97629" }, { "name": "70619", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70619" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Mail in Apple OS X before 10.10 does not properly recognize the removal of a recipient address from a message, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading a message intended exclusively for other recipients." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "macosx-cve20144439-info-disc(97629)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97629" }, { "name": "70619", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70619" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4439", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Mail in Apple OS X before 10.10 does not properly recognize the removal of a recipient address from a message, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading a message intended exclusively for other recipients." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "macosx-cve20144439-info-disc(97629)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97629" }, { "name": "70619", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70619" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4439", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.694Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4434 (GCVE-0-2014-4434)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in Apple OS X before 10.10 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted filename on an HFS filesystem.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.713Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "70618", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70618" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144434-dos(97633)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97633" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The kernel in Apple OS X before 10.10 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted filename on an HFS filesystem." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "70618", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70618" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144434-dos(97633)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97633" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4434", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The kernel in Apple OS X before 10.10 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted filename on an HFS filesystem." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "70618", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70618" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144434-dos(97633)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97633" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4434", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.713Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4351 (GCVE-0-2014-4351)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in QuickTime in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio samples in an m4a file.
References
URL | Tags | |||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.391Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "70643", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70643" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6493" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "macosx-quicktime-cve20144351-bo(97626)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97626" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "1031065", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031065" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in QuickTime in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio samples in an m4a file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "70643", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70643" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6493" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "macosx-quicktime-cve20144351-bo(97626)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97626" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "1031065", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031065" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4351", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in QuickTime in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio samples in an m4a file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "70643", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70643" }, { "name": "https://support.apple.com/kb/HT6493", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6493" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "macosx-quicktime-cve20144351-bo(97626)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97626" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "1031065", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031065" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4351", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.391Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4446 (GCVE-0-2014-4446)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mail Service in Apple OS X Server before 4.0 does not enforce SACL changes until after a service restart, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a change made by an administrator.
References
URL | Tags | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.639Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1031071", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031071" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "macosx-cve20144446-dos(97645)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97645" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Mail Service in Apple OS X Server before 4.0 does not enforce SACL changes until after a service restart, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a change made by an administrator." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "1031071", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031071" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "macosx-cve20144446-dos(97645)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97645" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4446", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Mail Service in Apple OS X Server before 4.0 does not enforce SACL changes until after a service restart, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a change made by an administrator." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1031071", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031071" }, { "name": "APPLE-SA-2014-10-16-3", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "macosx-cve20144446-dos(97645)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97645" }, { "name": "https://support.apple.com/kb/HT6536", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6536" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4446", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.639Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4380 (GCVE-0-2014-4380)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.564Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT204659" }, { "name": "appleios-cve20144380-code-exec(96110)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96110" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69942", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69942" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "name": "APPLE-SA-2015-04-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel\u0027s context via a crafted application." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT204659" }, { "name": "appleios-cve20144380-code-exec(96110)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96110" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69942", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69942" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "name": "APPLE-SA-2015-04-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4380", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel\u0027s context via a crafted application." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT204659", "refsource": "CONFIRM", "url": "https://support.apple.com/HT204659" }, { "name": "appleios-cve20144380-code-exec(96110)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96110" }, { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69942", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69942" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "APPLE-SA-2015-04-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4380", "datePublished": "2014-09-18T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.564Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4408 (GCVE-0-2014-4408)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The rt_setgate function in the kernel in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (out-of-bounds read and device crash) via a crafted call.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.516Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69939", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69939" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "appleios-cve20144408-priv-esc(96086)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96086" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The rt_setgate function in the kernel in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (out-of-bounds read and device crash) via a crafted call." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69939", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69939" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "appleios-cve20144408-priv-esc(96086)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96086" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4408", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The rt_setgate function in the kernel in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (out-of-bounds read and device crash) via a crafted call." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69939", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69939" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "appleios-cve20144408-priv-esc(96086)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96086" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4408", "datePublished": "2014-09-18T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.516Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-0062 (GCVE-0-2014-0062)
Vulnerability from cvelistv5
Published
2014-03-28 17:00
Modified
2024-08-06 09:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T09:05:38.393Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2014:0211", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html" }, { "name": "RHSA-2014:0221", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "RHSA-2014:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.postgresql.org/wiki/20140220securityrelease" }, { "name": "DSA-2864", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2864" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "RHSA-2014:0249", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html" }, { "name": "65727", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/65727" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.postgresql.org/about/news/1506/" }, { "name": "USN-2120-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2120-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "DSA-2865", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2865" }, { "name": "openSUSE-SU-2014:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "openSUSE-SU-2014:0368", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" }, { "name": "61307", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61307" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-02-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-15T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2014:0211", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html" }, { "name": "RHSA-2014:0221", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "RHSA-2014:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.postgresql.org/wiki/20140220securityrelease" }, { "name": "DSA-2864", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2864" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "RHSA-2014:0249", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html" }, { "name": "65727", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/65727" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.postgresql.org/about/news/1506/" }, { "name": "USN-2120-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2120-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "DSA-2865", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2865" }, { "name": "openSUSE-SU-2014:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "openSUSE-SU-2014:0368", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" }, { "name": "61307", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61307" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0062", "datePublished": "2014-03-28T17:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T09:05:38.393Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2013-5150 (GCVE-0-2013-5150)
Vulnerability from cvelistv5
Published
2013-09-19 10:00
Modified
2024-08-06 17:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The history-clearing feature in Safari in Apple iOS before 7 does not clear the back/forward history of an open tab, which allows physically proximate attackers to obtain sensitive information by leveraging an unattended workstation.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T17:06:51.753Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1029054", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1029054" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5934" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2013-09-18-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-09-18T00:00:00", "descriptions": [ { "lang": "en", "value": "The history-clearing feature in Safari in Apple iOS before 7 does not clear the back/forward history of an open tab, which allows physically proximate attackers to obtain sensitive information by leveraging an unattended workstation." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-10-18T01:57:00", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "1029054", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1029054" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5934" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2013-09-18-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2013-5150", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The history-clearing feature in Safari in Apple iOS before 7 does not clear the back/forward history of an open tab, which allows physically proximate attackers to obtain sensitive information by leveraging an unattended workstation." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1029054", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1029054" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "http://support.apple.com/kb/HT5934", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT5934" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2013-09-18-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2013-5150", "datePublished": "2013-09-19T10:00:00", "dateReserved": "2013-08-15T00:00:00", "dateUpdated": "2024-08-06T17:06:51.753Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-0061 (GCVE-0-2014-0061)
Vulnerability from cvelistv5
Published
2014-03-28 17:00
Modified
2024-08-06 09:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T09:05:38.995Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2014:0211", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html" }, { "name": "RHSA-2014:0221", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "RHSA-2014:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.postgresql.org/wiki/20140220securityrelease" }, { "name": "DSA-2864", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2864" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "RHSA-2014:0249", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.postgresql.org/about/news/1506/" }, { "name": "USN-2120-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2120-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "DSA-2865", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2865" }, { "name": "openSUSE-SU-2014:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "openSUSE-SU-2014:0368", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" }, { "name": "61307", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61307" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-02-20T00:00:00", "descriptions": [ { "lang": "en", "value": "The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-15T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2014:0211", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html" }, { "name": "RHSA-2014:0221", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "RHSA-2014:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.postgresql.org/wiki/20140220securityrelease" }, { "name": "DSA-2864", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2864" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "RHSA-2014:0249", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.postgresql.org/about/news/1506/" }, { "name": "USN-2120-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2120-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "DSA-2865", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2865" }, { "name": "openSUSE-SU-2014:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "openSUSE-SU-2014:0368", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" }, { "name": "61307", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61307" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0061", "datePublished": "2014-03-28T17:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T09:05:38.995Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4441 (GCVE-0-2014-4441)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetFS Client Framework in Apple OS X before 10.10 does not ensure that the disabling of File Sharing is always possible, which allows remote attackers to read or write to files by leveraging a state in which File Sharing is permanently enabled.
References
URL | Tags | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.617Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144441-info-disc(97627)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97627" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "NetFS Client Framework in Apple OS X before 10.10 does not ensure that the disabling of File Sharing is always possible, which allows remote attackers to read or write to files by leveraging a state in which File Sharing is permanently enabled." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144441-info-disc(97627)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97627" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4441", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NetFS Client Framework in Apple OS X before 10.10 does not ensure that the disabling of File Sharing is always possible, which allows remote attackers to read or write to files by leveraging a state in which File Sharing is permanently enabled." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144441-info-disc(97627)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97627" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4441", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.617Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4444 (GCVE-0-2014-4444)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
SecurityAgent in Apple OS X before 10.10 does not ensure that a Kerberos ticket is in the cache for the correct user, which allows local users to gain privileges in opportunistic circumstances by leveraging a Fast User Switching login.
References
URL | Tags | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.623Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "macosx-cve20144444-sec-bypass(97623)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97623" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "SecurityAgent in Apple OS X before 10.10 does not ensure that a Kerberos ticket is in the cache for the correct user, which allows local users to gain privileges in opportunistic circumstances by leveraging a Fast User Switching login." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "macosx-cve20144444-sec-bypass(97623)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97623" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4444", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SecurityAgent in Apple OS X before 10.10 does not ensure that a Kerberos ticket is in the cache for the correct user, which allows local users to gain privileges in opportunistic circumstances by leveraging a Fast User Switching login." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "macosx-cve20144444-sec-bypass(97623)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97623" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4444", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.623Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2013-4164 (GCVE-0-2013-4164)
Vulnerability from cvelistv5
Published
2013-11-23 19:00
Modified
2024-08-06 16:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T16:30:50.071Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://puppet.com/security/cve/cve-2013-4164" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "openSUSE-SU-2013:1835", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00028.html" }, { "name": "USN-2035-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2035-1" }, { "name": "APPLE-SA-2014-04-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html" }, { "name": "RHSA-2014:0215", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0215.html" }, { "name": "SUSE-SU-2013:1897", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00009.html" }, { "name": "RHSA-2013:1763", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1763.html" }, { "name": "RHSA-2013:1764", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1764.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ruby-lang.org/en/news/2013/11/22/ruby-2-0-0-p353-is-released" }, { "name": "63873", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/63873" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164" }, { "name": "RHSA-2013:1767", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1767.html" }, { "name": "RHSA-2014:0011", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0011.html" }, { "name": "openSUSE-SU-2013:1834", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00027.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "100113", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/100113" }, { "name": "DSA-2810", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2013/dsa-2810" }, { "name": "57376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/57376" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ruby-lang.org/en/news/2013/11/22/ruby-1-9-3-p484-is-released" }, { "name": "DSA-2809", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2013/dsa-2809" }, { "name": "55787", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/55787" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-11-22T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-08T21:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://puppet.com/security/cve/cve-2013-4164" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "openSUSE-SU-2013:1835", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00028.html" }, { "name": "USN-2035-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2035-1" }, { "name": "APPLE-SA-2014-04-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html" }, { "name": "RHSA-2014:0215", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0215.html" }, { "name": "SUSE-SU-2013:1897", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00009.html" }, { "name": "RHSA-2013:1763", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1763.html" }, { "name": "RHSA-2013:1764", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1764.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ruby-lang.org/en/news/2013/11/22/ruby-2-0-0-p353-is-released" }, { "name": "63873", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/63873" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164" }, { "name": "RHSA-2013:1767", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1767.html" }, { "name": "RHSA-2014:0011", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0011.html" }, { "name": "openSUSE-SU-2013:1834", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00027.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "100113", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/100113" }, { "name": "DSA-2810", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2013/dsa-2810" }, { "name": "57376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/57376" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ruby-lang.org/en/news/2013/11/22/ruby-1-9-3-p484-is-released" }, { "name": "DSA-2809", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2013/dsa-2809" }, { "name": "55787", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/55787" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4164", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://puppet.com/security/cve/cve-2013-4164", "refsource": "CONFIRM", "url": "https://puppet.com/security/cve/cve-2013-4164" }, { "name": "APPLE-SA-2014-10-16-3", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "openSUSE-SU-2013:1835", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00028.html" }, { "name": "USN-2035-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2035-1" }, { "name": "APPLE-SA-2014-04-22-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html" }, { "name": "RHSA-2014:0215", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0215.html" }, { "name": "SUSE-SU-2013:1897", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00009.html" }, { "name": "RHSA-2013:1763", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-1763.html" }, { "name": "RHSA-2013:1764", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-1764.html" }, { "name": "https://www.ruby-lang.org/en/news/2013/11/22/ruby-2-0-0-p353-is-released", "refsource": "CONFIRM", "url": "https://www.ruby-lang.org/en/news/2013/11/22/ruby-2-0-0-p353-is-released" }, { "name": "63873", "refsource": "BID", "url": "http://www.securityfocus.com/bid/63873" }, { "name": "https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164", "refsource": "CONFIRM", "url": "https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164" }, { "name": "RHSA-2013:1767", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-1767.html" }, { "name": "RHSA-2014:0011", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0011.html" }, { "name": "openSUSE-SU-2013:1834", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00027.html" }, { "name": "https://support.apple.com/kb/HT6536", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6536" }, { "name": "100113", "refsource": "OSVDB", "url": "http://osvdb.org/100113" }, { "name": "DSA-2810", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2013/dsa-2810" }, { "name": "57376", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/57376" }, { "name": "https://www.ruby-lang.org/en/news/2013/11/22/ruby-1-9-3-p484-is-released", "refsource": "CONFIRM", "url": "https://www.ruby-lang.org/en/news/2013/11/22/ruby-1-9-3-p484-is-released" }, { "name": "DSA-2809", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2013/dsa-2809" }, { "name": "55787", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/55787" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-4164", "datePublished": "2013-11-23T19:00:00", "dateReserved": "2013-06-12T00:00:00", "dateUpdated": "2024-08-06T16:30:50.071Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4440 (GCVE-0-2014-4440)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The MCX Desktop Config Profiles implementation in Apple OS X before 10.10 retains web-proxy settings from uninstalled mobile-configuration profiles, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging access to an unintended proxy server.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.640Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "macosx-cve20144440-sec-bypass(97628)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97628" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "name": "70631", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70631" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The MCX Desktop Config Profiles implementation in Apple OS X before 10.10 retains web-proxy settings from uninstalled mobile-configuration profiles, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging access to an unintended proxy server." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "macosx-cve20144440-sec-bypass(97628)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97628" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "name": "70631", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70631" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4440", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The MCX Desktop Config Profiles implementation in Apple OS X before 10.10 retains web-proxy settings from uninstalled mobile-configuration profiles, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging access to an unintended proxy server." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "macosx-cve20144440-sec-bypass(97628)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97628" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "70631", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70631" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4440", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.640Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4428 (GCVE-0-2014-4428)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Bluetooth in Apple OS X before 10.10 does not require encryption for HID Low Energy devices, which allows remote attackers to spoof a device by leveraging previous pairing.
References
URL | Tags | ||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.585Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6542" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6541" }, { "name": "61827", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61827" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144428-sec-bypass(97641)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97641" }, { "name": "APPLE-SA-2014-10-20-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/533746" }, { "name": "61825", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61825" }, { "name": "APPLE-SA-2014-10-20-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/533747" }, { "name": "70636", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70636" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Bluetooth in Apple OS X before 10.10 does not require encryption for HID Low Energy devices, which allows remote attackers to spoof a device by leveraging previous pairing." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6542" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6541" }, { "name": "61827", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61827" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144428-sec-bypass(97641)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97641" }, { "name": "APPLE-SA-2014-10-20-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://www.securityfocus.com/archive/1/533746" }, { "name": "61825", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61825" }, { "name": "APPLE-SA-2014-10-20-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://www.securityfocus.com/archive/1/533747" }, { "name": "70636", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70636" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4428", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Bluetooth in Apple OS X before 10.10 does not require encryption for HID Low Energy devices, which allows remote attackers to spoof a device by leveraging previous pairing." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/kb/HT6542", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6542" }, { "name": "https://support.apple.com/kb/HT6541", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6541" }, { "name": "61827", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61827" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144428-sec-bypass(97641)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97641" }, { "name": "APPLE-SA-2014-10-20-2", "refsource": "APPLE", "url": "http://www.securityfocus.com/archive/1/533746" }, { "name": "61825", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61825" }, { "name": "APPLE-SA-2014-10-20-1", "refsource": "APPLE", "url": "http://www.securityfocus.com/archive/1/533747" }, { "name": "70636", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70636" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4428", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.585Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4435 (GCVE-0-2014-4435)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The "iCloud Find My Mac" feature in Apple OS X before 10.10 does not properly enforce rate limiting of lost-mode PIN entry, which makes it easier for physically proximate attackers to obtain access via a brute-force attack involving a series of reboots.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.742Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "macosx-cve20144435-info-disc(97636)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97636" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "70638", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70638" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The \"iCloud Find My Mac\" feature in Apple OS X before 10.10 does not properly enforce rate limiting of lost-mode PIN entry, which makes it easier for physically proximate attackers to obtain access via a brute-force attack involving a series of reboots." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "macosx-cve20144435-info-disc(97636)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97636" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "70638", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70638" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4435", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The \"iCloud Find My Mac\" feature in Apple OS X before 10.10 does not properly enforce rate limiting of lost-mode PIN entry, which makes it easier for physically proximate attackers to obtain access via a brute-force attack involving a series of reboots." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "macosx-cve20144435-info-disc(97636)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97636" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "70638", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70638" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4435", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.742Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2013-3919 (GCVE-0-2013-3919)
Vulnerability from cvelistv5
Published
2013-06-06 10:00
Modified
2024-08-06 16:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T16:22:01.473Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.isc.org/article/AA-00967/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-06-04T00:00:00", "descriptions": [ { "lang": "en", "value": "resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-10-18T01:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.isc.org/article/AA-00967/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-3919", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "APPLE-SA-2014-10-16-3", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "https://support.apple.com/kb/HT6536", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6536" }, { "name": "https://kb.isc.org/article/AA-00967/", "refsource": "CONFIRM", "url": "https://kb.isc.org/article/AA-00967/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-3919", "datePublished": "2013-06-06T10:00:00", "dateReserved": "2013-06-04T00:00:00", "dateUpdated": "2024-08-06T16:22:01.473Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4437 (GCVE-0-2014-4437)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
LaunchServices in Apple OS X before 10.10 allows attackers to bypass intended sandbox restrictions via an application that specifies a crafted handler for the Content-Type field of an object.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.647Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144437-sec-bypass(97631)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97631" }, { "name": "70627", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70627" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "LaunchServices in Apple OS X before 10.10 allows attackers to bypass intended sandbox restrictions via an application that specifies a crafted handler for the Content-Type field of an object." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144437-sec-bypass(97631)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97631" }, { "name": "70627", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70627" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4437", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LaunchServices in Apple OS X before 10.10 allows attackers to bypass intended sandbox restrictions via an application that specifies a crafted handler for the Content-Type field of an object." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144437-sec-bypass(97631)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97631" }, { "name": "70627", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70627" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4437", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.647Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4364 (GCVE-0-2014-4364)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.118Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "69913", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69913" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "appleios-cve20144364-spoofing(96097)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96097" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "69913", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69913" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "appleios-cve20144364-spoofing(96097)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96097" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4364", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "69913", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69913" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "appleios-cve20144364-spoofing(96097)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96097" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4364", "datePublished": "2014-09-18T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.118Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4427 (GCVE-0-2014-4427)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
App Sandbox in Apple OS X before 10.10 allows attackers to bypass a sandbox protection mechanism via the accessibility API.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.565Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "70635", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70635" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144427-sec-bypass(97642)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97642" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "App Sandbox in Apple OS X before 10.10 allows attackers to bypass a sandbox protection mechanism via the accessibility API." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "70635", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70635" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144427-sec-bypass(97642)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97642" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4427", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "App Sandbox in Apple OS X before 10.10 allows attackers to bypass a sandbox protection mechanism via the accessibility API." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "70635", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70635" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "macosx-cve20144427-sec-bypass(97642)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97642" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4427", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.565Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4404 (GCVE-0-2014-4404)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2025-07-30 01:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.484Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT204659" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69947", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69947" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "name": "appleios-cve20144404-bo(96111)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96111" }, { "name": "APPLE-SA-2015-04-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2014-4404", "options": [ { "Exploitation": "active" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-29T17:50:46.758062Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2022-02-10", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-4404" }, "type": "kev" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-07-30T01:46:49.752Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "timeline": [ { "lang": "en", "time": "2022-02-10T00:00:00+00:00", "value": "CVE-2014-4404 added to CISA KEV" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01.000Z", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT204659" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69947", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69947" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "name": "appleios-cve20144404-bo(96111)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96111" }, { "name": "APPLE-SA-2015-04-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4404", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT204659", "refsource": "CONFIRM", "url": "https://support.apple.com/HT204659" }, { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69947", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69947" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "appleios-cve20144404-bo(96111)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96111" }, { "name": "APPLE-SA-2015-04-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4404", "datePublished": "2014-09-18T10:00:00.000Z", "dateReserved": "2014-06-20T00:00:00.000Z", "dateUpdated": "2025-07-30T01:46:49.752Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4371 (GCVE-0-2014-4371)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4419, CVE-2014-4420, and CVE-2014-4421.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.117Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "appleios-cve20144371-info-disc(96100)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96100" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69919", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69919" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/HT204244" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "APPLE-SA-2015-01-27-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4419, CVE-2014-4420, and CVE-2014-4421." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "appleios-cve20144371-info-disc(96100)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96100" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69919", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69919" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/HT204244" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "APPLE-SA-2015-01-27-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4371", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4419, CVE-2014-4420, and CVE-2014-4421." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "appleios-cve20144371-info-disc(96100)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96100" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "69919", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69919" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "http://support.apple.com/HT204244", "refsource": "CONFIRM", "url": "http://support.apple.com/HT204244" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "APPLE-SA-2015-01-27-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4371", "datePublished": "2014-09-18T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.117Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-7169 (GCVE-0-2014-7169)
Vulnerability from cvelistv5
Published
2014-09-25 01:00
Modified
2025-07-30 01:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T12:40:19.217Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749" }, { "name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32" }, { "name": "HPSBMU03165", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2" }, { "name": "HPSBHF03119", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts" }, { "name": "HPSBST03131", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2" }, { "name": "SSRT101819", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2" }, { "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded" }, { "name": "HPSBMU03245", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2" }, { "name": "openSUSE-SU-2014:1229", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479" }, { "name": "61188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61188" }, { "name": "JVN#55667175", "tags": [ "third-party-advisory", "x_refsource_JVN", "x_transferred" ], "url": "http://jvn.jp/en/jp/JVN55667175/index.html" }, { "name": "61676", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61676" }, { "name": "openSUSE-SU-2014:1254", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html" }, { "name": "60433", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60433" }, { "name": "HPSBMU03143", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2" }, { "name": "HPSBMU03182", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2" }, { "name": "RHSA-2014:1306", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html" }, { "name": "HPSBST03155", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541" }, { "name": "61715", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61715" }, { "name": "USN-2363-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2363-2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html" }, { "name": "61816", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61816" }, { "name": "openSUSE-SU-2014:1310", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html" }, { "name": "61442", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61442" }, { "name": "HPSBMU03246", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2" }, { "name": "HPSBST03195", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2" }, { "name": "61283", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61283" }, { "name": "SSRT101711", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085" }, { "name": "openSUSE-SU-2014:1308", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html" }, { "name": "61654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61654" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.novell.com/support/kb/doc.php?id=7015701" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315" }, { "name": "62312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/62312" }, { "name": "59272", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59272" }, { "name": "HPSBST03122", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html" }, { "name": "HPSBMU03217", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2" }, { "name": "RHSA-2014:1312", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604" }, { "name": "USN-2363-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2363-1" }, { "name": "SSRT101868", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "61703", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61703" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6495" }, { "name": "VU#252743", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/252743" }, { "name": "61065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61065" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html" }, { "name": "HPSBST03129", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2" }, { "name": "HPSBMU03144", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/security/cve/CVE-2014-7169.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131" }, { "name": "JVNDB-2014-000126", "tags": [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126" }, { "name": "SSRT101827", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2" }, { "name": "TA14-268A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A" }, { "name": "61641", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61641" }, { "name": "SUSE-SU-2014:1247", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://access.redhat.com/node/1200223" }, { "name": "SUSE-SU-2014:1287", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914" }, { "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2014/Oct/0" }, { "name": "MDVSA-2015:164", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164" }, { "name": "61619", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61619" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075" }, { "name": "HPSBMU03220", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2" }, { "name": "60325", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60325" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" }, { "name": "60024", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60024" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html" }, { "name": "34879", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/34879/" }, { "name": "61622", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61622" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://access.redhat.com/articles/1200223" }, { "name": "62343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/62343" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2014-0393.html" }, { "name": "61565", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61565" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.suse.com/support/shellshock/" }, { "name": "HPSBST03157", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2" }, { "name": "61313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61313" }, { "name": "SSRT101742", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2" }, { "name": "61873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61873" }, { "name": "61485", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61485" }, { "name": "openSUSE-SU-2014:1242", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html" }, { "name": "61618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61618" }, { "name": "60947", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60947" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "HPSBST03154", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272" }, { "name": "HPSBGN03142", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2" }, { "name": "61312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61312" }, { "name": "60193", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60193" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html" }, { "name": "61479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61479" }, { "name": "60063", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60063" }, { "name": "60034", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60034" }, { "name": "HPSBMU03133", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html" }, { "name": "59907", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59907" }, { "name": "58200", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/58200" }, { "name": "HPSBST03181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2" }, { "name": "61643", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61643" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://twitter.com/taviso/statuses/514887394294652929" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.novell.com/support/kb/doc.php?id=7015721" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079" }, { "name": "61503", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61503" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246" }, { "name": "RHSA-2014:1354", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html" }, { "name": "HPSBGN03117", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915" }, { "name": "HPSBHF03145", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61" }, { "name": "HPSBST03148", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2" }, { "name": "61552", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61552" }, { "name": "61780", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61780" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.citrix.com/article/CTX200223" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447" }, { "name": "62228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/62228" }, { "name": "HPSBGN03138", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2" }, { "name": "61855", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61855" }, { "name": "HPSBHF03124", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2" }, { "name": "60044", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60044" }, { "name": "61291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61291" }, { "name": "HPSBHF03125", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2" }, { "name": "59737", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59737" }, { "name": "61287", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61287" }, { "name": "HPSBHF03146", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2" }, { "name": "HPSBGN03233", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "SSRT101739", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "61711", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61711" }, { "name": "HPSBOV03228", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361" }, { "name": "HPSBGN03141", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2" }, { "name": "RHSA-2014:1311", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html" }, { "name": "61128", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61128" }, { "name": "DSA-3035", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-3035" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.citrix.com/article/CTX200217" }, { "name": "61471", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61471" }, { "name": "60055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60055" }, { "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash" }, { "name": "61550", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61550" }, { "name": "61633", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61633" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82" }, { "name": "SUSE-SU-2014:1259", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html" }, { "name": "61328", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61328" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733" }, { "name": "61129", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61129" }, { "name": "61700", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61700" }, { "name": "61626", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61626" }, { "name": "61603", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61603" }, { "name": "61857", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61857" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2014-7169", "options": [ { "Exploitation": "active" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-02-10T19:31:47.209255Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2022-01-28", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-7169" }, "type": "kev" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-07-30T01:46:49.393Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "timeline": [ { "lang": "en", "time": "2022-01-28T00:00:00+00:00", "value": "CVE-2014-7169 added to CISA KEV" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-24T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-11-05T16:41:42.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749" }, { "name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32" }, { "name": "HPSBMU03165", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2" }, { "name": "HPSBHF03119", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts" }, { "name": "HPSBST03131", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2" }, { "name": "SSRT101819", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2" }, { "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded" }, { "name": "HPSBMU03245", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2" }, { "name": "openSUSE-SU-2014:1229", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479" }, { "name": "61188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61188" }, { "name": "JVN#55667175", "tags": [ "third-party-advisory", "x_refsource_JVN" ], "url": "http://jvn.jp/en/jp/JVN55667175/index.html" }, { "name": "61676", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61676" }, { "name": "openSUSE-SU-2014:1254", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html" }, { "name": "60433", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60433" }, { "name": "HPSBMU03143", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2" }, { "name": "HPSBMU03182", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2" }, { "name": "RHSA-2014:1306", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html" }, { "name": "HPSBST03155", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541" }, { "name": "61715", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61715" }, { "name": "USN-2363-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2363-2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html" }, { "name": "61816", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61816" }, { "name": "openSUSE-SU-2014:1310", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html" }, { "name": "61442", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61442" }, { "name": "HPSBMU03246", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2" }, { "name": "HPSBST03195", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2" }, { "name": "61283", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61283" }, { "name": "SSRT101711", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085" }, { "name": "openSUSE-SU-2014:1308", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html" }, { "name": "61654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61654" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.novell.com/support/kb/doc.php?id=7015701" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315" }, { "name": "62312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/62312" }, { "name": "59272", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59272" }, { "name": "HPSBST03122", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html" }, { "name": "HPSBMU03217", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2" }, { "name": "RHSA-2014:1312", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604" }, { "name": "USN-2363-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2363-1" }, { "name": "SSRT101868", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "61703", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61703" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6495" }, { "name": "VU#252743", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/252743" }, { "name": "61065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61065" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html" }, { "name": "HPSBST03129", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2" }, { "name": "HPSBMU03144", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/security/cve/CVE-2014-7169.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131" }, { "name": "JVNDB-2014-000126", "tags": [ "third-party-advisory", "x_refsource_JVNDB" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126" }, { "name": "SSRT101827", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2" }, { "name": "TA14-268A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A" }, { "name": "61641", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61641" }, { "name": "SUSE-SU-2014:1247", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://access.redhat.com/node/1200223" }, { "name": "SUSE-SU-2014:1287", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914" }, { "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2014/Oct/0" }, { "name": "MDVSA-2015:164", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164" }, { "name": "61619", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61619" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075" }, { "name": "HPSBMU03220", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2" }, { "name": "60325", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60325" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" }, { "name": "60024", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60024" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html" }, { "name": "34879", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/34879/" }, { "name": "61622", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61622" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://access.redhat.com/articles/1200223" }, { "name": "62343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/62343" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2014-0393.html" }, { "name": "61565", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61565" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.suse.com/support/shellshock/" }, { "name": "HPSBST03157", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2" }, { "name": "61313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61313" }, { "name": "SSRT101742", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2" }, { "name": "61873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61873" }, { "name": "61485", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61485" }, { "name": "openSUSE-SU-2014:1242", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html" }, { "name": "61618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61618" }, { "name": "60947", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60947" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "HPSBST03154", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272" }, { "name": "HPSBGN03142", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2" }, { "name": "61312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61312" }, { "name": "60193", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60193" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html" }, { "name": "61479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61479" }, { "name": "60063", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60063" }, { "name": "60034", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60034" }, { "name": "HPSBMU03133", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2" }, { "tags": [ "x_refsource_MISC" ], "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html" }, { "name": "59907", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59907" }, { "name": "58200", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/58200" }, { "name": "HPSBST03181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2" }, { "name": "61643", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61643" }, { "tags": [ "x_refsource_MISC" ], "url": "http://twitter.com/taviso/statuses/514887394294652929" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.novell.com/support/kb/doc.php?id=7015721" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079" }, { "name": "61503", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61503" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246" }, { "name": "RHSA-2014:1354", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html" }, { "name": "HPSBGN03117", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915" }, { "name": "HPSBHF03145", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61" }, { "name": "HPSBST03148", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2" }, { "name": "61552", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61552" }, { "name": "61780", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61780" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.citrix.com/article/CTX200223" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447" }, { "name": "62228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/62228" }, { "name": "HPSBGN03138", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2" }, { "name": "61855", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61855" }, { "name": "HPSBHF03124", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2" }, { "name": "60044", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60044" }, { "name": "61291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61291" }, { "name": "HPSBHF03125", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2" }, { "name": "59737", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59737" }, { "name": "61287", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61287" }, { "name": "HPSBHF03146", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2" }, { "name": "HPSBGN03233", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "SSRT101739", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "61711", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61711" }, { "name": "HPSBOV03228", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361" }, { "name": "HPSBGN03141", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2" }, { "name": "RHSA-2014:1311", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html" }, { "name": "61128", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61128" }, { "name": "DSA-3035", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-3035" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.citrix.com/article/CTX200217" }, { "name": "61471", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61471" }, { "name": "60055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60055" }, { "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash" }, { "name": "61550", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61550" }, { "name": "61633", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61633" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82" }, { "name": "SUSE-SU-2014:1259", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html" }, { "name": "61328", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61328" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733" }, { "name": "61129", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61129" }, { "name": "61700", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61700" }, { "name": "61626", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61626" }, { "name": "61603", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61603" }, { "name": "61857", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61857" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-7169", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749" }, { "name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32" }, { "name": "HPSBMU03165", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2" }, { "name": "HPSBHF03119", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2" }, { "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts", "refsource": "CONFIRM", "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts" }, { "name": "HPSBST03131", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2" }, { "name": "SSRT101819", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2" }, { "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded" }, { "name": "HPSBMU03245", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2" }, { "name": "openSUSE-SU-2014:1229", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479" }, { "name": "61188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61188" }, { "name": "JVN#55667175", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN55667175/index.html" }, { "name": "61676", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61676" }, { "name": "openSUSE-SU-2014:1254", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html" }, { "name": "60433", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60433" }, { "name": "HPSBMU03143", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2" }, { "name": "HPSBMU03182", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2" }, { "name": "RHSA-2014:1306", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html" }, { "name": "HPSBST03155", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541" }, { "name": "61715", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61715" }, { "name": "USN-2363-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2363-2" }, { "name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html" }, { "name": "61816", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61816" }, { "name": "openSUSE-SU-2014:1310", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html" }, { "name": "61442", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61442" }, { "name": "HPSBMU03246", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2" }, { "name": "HPSBST03195", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2" }, { "name": "61283", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61283" }, { "name": "SSRT101711", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085" }, { "name": "openSUSE-SU-2014:1308", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html" }, { "name": "61654", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61654" }, { "name": "http://www.novell.com/support/kb/doc.php?id=7015701", "refsource": "CONFIRM", "url": "http://www.novell.com/support/kb/doc.php?id=7015701" }, { "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", "refsource": "CONFIRM", "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315" }, { "name": "62312", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62312" }, { "name": "59272", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59272" }, { "name": "HPSBST03122", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2" }, { "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", "refsource": "CONFIRM", "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html" }, { "name": "HPSBMU03217", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2" }, { "name": "RHSA-2014:1312", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604" }, { "name": "USN-2363-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2363-1" }, { "name": "SSRT101868", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "61703", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61703" }, { "name": "http://support.apple.com/kb/HT6495", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6495" }, { "name": "VU#252743", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/252743" }, { "name": "61065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61065" }, { "name": "http://linux.oracle.com/errata/ELSA-2014-3075.html", "refsource": "CONFIRM", "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html" }, { "name": "HPSBST03129", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2" }, { "name": "HPSBMU03144", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445" }, { "name": "http://support.novell.com/security/cve/CVE-2014-7169.html", "refsource": "CONFIRM", "url": "http://support.novell.com/security/cve/CVE-2014-7169.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131" }, { "name": "JVNDB-2014-000126", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126" }, { "name": "SSRT101827", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2" }, { "name": "TA14-268A", "refsource": "CERT", "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A" }, { "name": "61641", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61641" }, { "name": "SUSE-SU-2014:1247", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html" }, { "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648", "refsource": "CONFIRM", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648" }, { "name": "https://access.redhat.com/node/1200223", "refsource": "CONFIRM", "url": "https://access.redhat.com/node/1200223" }, { "name": "SUSE-SU-2014:1287", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914" }, { "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2014/Oct/0" }, { "name": "MDVSA-2015:164", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164" }, { "name": "61619", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61619" }, { "name": "http://linux.oracle.com/errata/ELSA-2014-3078.html", "refsource": "CONFIRM", "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075" }, { "name": "HPSBMU03220", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2" }, { "name": "60325", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60325" }, { "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", "refsource": "CONFIRM", "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" }, { "name": "60024", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60024" }, { "name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html" }, { "name": "34879", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/34879/" }, { "name": "61622", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61622" }, { "name": "https://access.redhat.com/articles/1200223", "refsource": "CONFIRM", "url": "https://access.redhat.com/articles/1200223" }, { "name": "62343", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62343" }, { "name": "http://advisories.mageia.org/MGASA-2014-0393.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2014-0393.html" }, { "name": "61565", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61565" }, { "name": "https://www.suse.com/support/shellshock/", "refsource": "CONFIRM", "url": "https://www.suse.com/support/shellshock/" }, { "name": "HPSBST03157", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2" }, { "name": "61313", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61313" }, { "name": "SSRT101742", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2" }, { "name": "61873", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61873" }, { "name": "61485", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61485" }, { "name": "openSUSE-SU-2014:1242", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html" }, { "name": "61618", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61618" }, { "name": "60947", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60947" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "HPSBST03154", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272" }, { "name": "HPSBGN03142", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2" }, { "name": "61312", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61312" }, { "name": "60193", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60193" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html" }, { "name": "61479", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61479" }, { "name": "60063", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60063" }, { "name": "60034", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60034" }, { "name": "HPSBMU03133", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2" }, { "name": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", "refsource": "MISC", "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html" }, { "name": "59907", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59907" }, { "name": "58200", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/58200" }, { "name": "HPSBST03181", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2" }, { "name": "61643", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61643" }, { "name": "http://twitter.com/taviso/statuses/514887394294652929", "refsource": "MISC", "url": "http://twitter.com/taviso/statuses/514887394294652929" }, { "name": "http://www.novell.com/support/kb/doc.php?id=7015721", "refsource": "CONFIRM", "url": "http://www.novell.com/support/kb/doc.php?id=7015721" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079" }, { "name": "61503", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61503" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246" }, { "name": "RHSA-2014:1354", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html" }, { "name": "HPSBGN03117", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915" }, { "name": "HPSBHF03145", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2" }, { "name": "http://www.qnap.com/i/en/support/con_show.php?cid=61", "refsource": "CONFIRM", "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61" }, { "name": "HPSBST03148", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2" }, { "name": "61552", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61552" }, { "name": "61780", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61780" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279" }, { "name": "https://support.citrix.com/article/CTX200223", "refsource": "CONFIRM", "url": "https://support.citrix.com/article/CTX200223" }, { "name": "http://linux.oracle.com/errata/ELSA-2014-3077.html", "refsource": "CONFIRM", "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447" }, { "name": "62228", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62228" }, { "name": "HPSBGN03138", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2" }, { "name": "61855", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61855" }, { "name": "HPSBHF03124", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2" }, { "name": "60044", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60044" }, { "name": "61291", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61291" }, { "name": "HPSBHF03125", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2" }, { "name": "59737", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59737" }, { "name": "61287", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61287" }, { "name": "HPSBHF03146", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2" }, { "name": "HPSBGN03233", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "SSRT101739", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "61711", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61711" }, { "name": "HPSBOV03228", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361" }, { "name": "HPSBGN03141", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2" }, { "name": "RHSA-2014:1311", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html" }, { "name": "61128", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61128" }, { "name": "DSA-3035", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-3035" }, { "name": "https://support.citrix.com/article/CTX200217", "refsource": "CONFIRM", "url": "https://support.citrix.com/article/CTX200217" }, { "name": "61471", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61471" }, { "name": "60055", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60055" }, { "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash" }, { "name": "61550", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61550" }, { "name": "61633", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61633" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494" }, { "name": "http://linux.oracle.com/errata/ELSA-2014-1306.html", "refsource": "CONFIRM", "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html" }, { "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82", "refsource": "CONFIRM", "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82" }, { "name": "SUSE-SU-2014:1259", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html" }, { "name": "61328", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61328" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733" }, { "name": "61129", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61129" }, { "name": "61700", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61700" }, { "name": "61626", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61626" }, { "name": "61603", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61603" }, { "name": "61857", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61857" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879" }, { "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", "refsource": "MISC", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-7169", "datePublished": "2014-09-25T01:00:00.000Z", "dateReserved": "2014-09-24T00:00:00.000Z", "dateUpdated": "2025-07-30T01:46:49.393Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-0066 (GCVE-0-2014-0066)
Vulnerability from cvelistv5
Published
2014-03-28 17:00
Modified
2024-08-06 09:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T09:05:38.581Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2014:0211", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html" }, { "name": "RHSA-2014:0221", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "RHSA-2014:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.postgresql.org/wiki/20140220securityrelease" }, { "name": "DSA-2864", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2864" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "RHSA-2014:0249", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.postgresql.org/about/news/1506/" }, { "name": "USN-2120-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2120-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "DSA-2865", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2865" }, { "name": "openSUSE-SU-2014:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "openSUSE-SU-2014:0368", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-02-20T00:00:00", "descriptions": [ { "lang": "en", "value": "The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-15T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2014:0211", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html" }, { "name": "RHSA-2014:0221", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6448" }, { "name": "RHSA-2014:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.postgresql.org/wiki/20140220securityrelease" }, { "name": "DSA-2864", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2864" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "RHSA-2014:0249", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.postgresql.org/about/news/1506/" }, { "name": "USN-2120-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2120-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "DSA-2865", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2865" }, { "name": "openSUSE-SU-2014:0345", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "openSUSE-SU-2014:0368", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0066", "datePublished": "2014-03-28T17:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T09:05:38.581Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4431 (GCVE-0-2014-4431)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Dock in Apple OS X before 10.10 does not properly manage the screen-lock state, which allows physically proximate attackers to view windows by leveraging an unattended workstation.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.595Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "70633", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70633" }, { "name": "macosx-cve20144431-sec-bypass(97638)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97638" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Dock in Apple OS X before 10.10 does not properly manage the screen-lock state, which allows physically proximate attackers to view windows by leveraging an unattended workstation." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "70633", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70633" }, { "name": "macosx-cve20144431-sec-bypass(97638)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97638" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4431", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Dock in Apple OS X before 10.10 does not properly manage the screen-lock state, which allows physically proximate attackers to view windows by leveraging an unattended workstation." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "70633", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70633" }, { "name": "macosx-cve20144431-sec-bypass(97638)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97638" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4431", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.595Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-6271 (GCVE-0-2014-6271)
Vulnerability from cvelistv5
Published
2014-09-24 18:00
Modified
2025-07-30 01:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T12:10:13.276Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "37816", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/37816/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html" }, { "name": "SUSE-SU-2014:1223", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749" }, { "name": "HPSBMU03165", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2" }, { "name": "SSRT101816", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2" }, { "name": "39918", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39918/" }, { "name": "HPSBHF03119", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2" }, { "name": "RHSA-2014:1295", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html" }, { "name": "openSUSE-SU-2014:1226", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts" }, { "name": "HPSBST03131", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2" }, { "name": "SSRT101819", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2" }, { "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded" }, { "name": "HPSBMU03245", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479" }, { "name": "HPSBST03196", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2" }, { "name": "61188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61188" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0" }, { "name": "JVN#55667175", "tags": [ "third-party-advisory", "x_refsource_JVN", "x_transferred" ], "url": "http://jvn.jp/en/jp/JVN55667175/index.html" }, { "name": "61676", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61676" }, { "name": "40619", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40619/" }, { "name": "openSUSE-SU-2014:1254", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html" }, { "name": "60433", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60433" }, { "name": "38849", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/38849/" }, { "name": "HPSBMU03143", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2" }, { "name": "HPSBMU03182", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673" }, { "name": "SUSE-SU-2014:1260", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html" }, { "name": "HPSBST03155", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541" }, { "name": "61715", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61715" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html" }, { "name": "61816", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61816" }, { "name": "openSUSE-SU-2014:1310", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html" }, { "name": "61442", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61442" }, { "name": "HPSBMU03246", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2" }, { "name": "HPSBST03195", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2" }, { "name": "61283", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61283" }, { "name": "SSRT101711", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2" }, { "name": "USN-2362-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2362-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085" }, { "name": "openSUSE-SU-2014:1308", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html" }, { "name": "61654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61654" }, { "name": "61542", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61542" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.novell.com/support/kb/doc.php?id=7015701" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315" }, { "name": "62312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/62312" }, { "name": "59272", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59272" }, { "name": "HPSBST03122", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html" }, { "name": "HPSBMU03217", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604" }, { "name": "SSRT101868", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "61703", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61703" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6495" }, { "name": "VU#252743", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/252743" }, { "name": "61065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61065" }, { "name": "SUSE-SU-2014:1213", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html" }, { "name": "HPSBST03129", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2" }, { "name": "HPSBMU03144", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131" }, { "name": "70103", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70103" }, { "name": "JVNDB-2014-000126", "tags": [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126" }, { "name": "SSRT101827", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2" }, { "name": "TA14-268A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A" }, { "name": "SUSE-SU-2014:1212", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html" }, { "name": "61641", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://access.redhat.com/node/1200223" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html" }, { "name": "SUSE-SU-2014:1287", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914" }, { "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2014/Oct/0" }, { "name": "MDVSA-2015:164", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164" }, { "name": "RHSA-2014:1293", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075" }, { "name": "openSUSE-SU-2014:1238", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html" }, { "name": "HPSBMU03220", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2" }, { "name": "60325", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60325" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" }, { "name": "60024", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60024" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html" }, { "name": "34879", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/34879/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://access.redhat.com/articles/1200223" }, { "name": "62343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/62343" }, { "name": "61565", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61565" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.suse.com/support/shellshock/" }, { "name": "HPSBST03157", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2" }, { "name": "61313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61313" }, { "name": "SSRT101742", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2" }, { "name": "61873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61873" }, { "name": "61485", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61485" }, { "name": "60947", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60947" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "HPSBST03154", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2" }, { "name": "HPSBST03265", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272" }, { "name": "HPSBGN03142", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2" }, { "name": "61312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61312" }, { "name": "60193", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60193" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html" }, { "name": "60063", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60063" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html" }, { "name": "60034", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60034" }, { "name": "HPSBMU03133", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html" }, { "name": "59907", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59907" }, { "name": "58200", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/58200" }, { "name": "HPSBST03181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2" }, { "name": "61643", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61643" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.novell.com/support/kb/doc.php?id=7015721" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079" }, { "name": "61503", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61503" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246" }, { "name": "RHSA-2014:1354", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html" }, { "name": "40938", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40938/" }, { "name": "HPSBGN03117", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/security/cve/CVE-2014-6271.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915" }, { "name": "61547", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61547" }, { "name": "HPSBHF03145", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61" }, { "name": "HPSBST03148", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2" }, { "name": "61552", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61552" }, { "name": "61780", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61780" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.citrix.com/article/CTX200223" }, { "name": "DSA-3032", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-3032" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447" }, { "name": "62228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/62228" }, { "name": "HPSBGN03138", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2" }, { "name": "61855", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61855" }, { "name": "HPSBHF03124", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2" }, { "name": "60044", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60044" }, { "name": "61291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61291" }, { "name": "RHSA-2014:1294", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html" }, { "name": "HPSBHF03125", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2" }, { "name": "59737", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59737" }, { "name": "61287", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61287" }, { "name": "HPSBHF03146", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2" }, { "name": "HPSBGN03233", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597" }, { "name": "SSRT101739", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "61711", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61711" }, { "name": "HPSBOV03228", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361" }, { "name": "HPSBGN03141", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2014-0388.html" }, { "name": "61128", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61128" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.citrix.com/article/CTX200217" }, { "name": "61471", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61471" }, { "name": "60055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60055" }, { "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash" }, { "name": "61550", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61550" }, { "name": "61633", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61633" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82" }, { "name": "61328", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61328" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733" }, { "name": "42938", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/42938/" }, { "name": "61129", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61129" }, { "name": "61700", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61700" }, { "name": "61603", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61603" }, { "name": "61857", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61857" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2014-6271", "options": [ { "Exploitation": "active" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-02-07T13:45:49.549420Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2022-01-28", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6271" }, "type": "kev" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-07-30T01:46:49.578Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "timeline": [ { "lang": "en", "time": "2022-01-28T00:00:00+00:00", "value": "CVE-2014-6271 added to CISA KEV" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-24T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\" NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-11-05T16:37:05.000Z", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian" }, "references": [ { "name": "37816", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/37816/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html" }, { "name": "SUSE-SU-2014:1223", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749" }, { "name": "HPSBMU03165", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2" }, { "name": "SSRT101816", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2" }, { "name": "39918", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39918/" }, { "name": "HPSBHF03119", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2" }, { "name": "RHSA-2014:1295", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html" }, { "name": "openSUSE-SU-2014:1226", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts" }, { "name": "HPSBST03131", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2" }, { "name": "SSRT101819", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2" }, { "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded" }, { "name": "HPSBMU03245", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479" }, { "name": "HPSBST03196", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2" }, { "name": "61188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61188" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0" }, { "name": "JVN#55667175", "tags": [ "third-party-advisory", "x_refsource_JVN" ], "url": "http://jvn.jp/en/jp/JVN55667175/index.html" }, { "name": "61676", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61676" }, { "name": "40619", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40619/" }, { "name": "openSUSE-SU-2014:1254", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html" }, { "name": "60433", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60433" }, { "name": "38849", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/38849/" }, { "name": "HPSBMU03143", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2" }, { "name": "HPSBMU03182", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673" }, { "name": "SUSE-SU-2014:1260", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html" }, { "name": "HPSBST03155", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541" }, { "name": "61715", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61715" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html" }, { "name": "61816", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61816" }, { "name": "openSUSE-SU-2014:1310", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html" }, { "name": "61442", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61442" }, { "name": "HPSBMU03246", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2" }, { "name": "HPSBST03195", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2" }, { "name": "61283", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61283" }, { "name": "SSRT101711", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2" }, { "name": "USN-2362-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2362-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085" }, { "name": "openSUSE-SU-2014:1308", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html" }, { "name": "61654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61654" }, { "name": "61542", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61542" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.novell.com/support/kb/doc.php?id=7015701" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315" }, { "name": "62312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/62312" }, { "name": "59272", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59272" }, { "name": "HPSBST03122", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html" }, { "name": "HPSBMU03217", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604" }, { "name": "SSRT101868", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "61703", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61703" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6495" }, { "name": "VU#252743", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/252743" }, { "name": "61065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61065" }, { "name": "SUSE-SU-2014:1213", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html" }, { "name": "HPSBST03129", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2" }, { "name": "HPSBMU03144", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131" }, { "name": "70103", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70103" }, { "name": "JVNDB-2014-000126", "tags": [ "third-party-advisory", "x_refsource_JVNDB" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126" }, { "name": "SSRT101827", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2" }, { "name": "TA14-268A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A" }, { "name": "SUSE-SU-2014:1212", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html" }, { "name": "61641", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://access.redhat.com/node/1200223" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html" }, { "name": "SUSE-SU-2014:1287", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914" }, { "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2014/Oct/0" }, { "name": "MDVSA-2015:164", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164" }, { "name": "RHSA-2014:1293", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075" }, { "name": "openSUSE-SU-2014:1238", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html" }, { "name": "HPSBMU03220", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2" }, { "name": "60325", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60325" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" }, { "name": "60024", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60024" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html" }, { "name": "34879", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/34879/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://access.redhat.com/articles/1200223" }, { "name": "62343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/62343" }, { "name": "61565", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61565" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.suse.com/support/shellshock/" }, { "name": "HPSBST03157", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2" }, { "name": "61313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61313" }, { "name": "SSRT101742", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2" }, { "name": "61873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61873" }, { "name": "61485", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61485" }, { "name": "60947", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60947" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "HPSBST03154", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2" }, { "name": "HPSBST03265", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272" }, { "name": "HPSBGN03142", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2" }, { "name": "61312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61312" }, { "name": "60193", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60193" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html" }, { "name": "60063", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60063" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html" }, { "name": "60034", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60034" }, { "name": "HPSBMU03133", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2" }, { "tags": [ "x_refsource_MISC" ], "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html" }, { "name": "59907", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59907" }, { "name": "58200", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/58200" }, { "name": "HPSBST03181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2" }, { "name": "61643", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61643" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.novell.com/support/kb/doc.php?id=7015721" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079" }, { "name": "61503", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61503" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246" }, { "name": "RHSA-2014:1354", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html" }, { "name": "40938", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40938/" }, { "name": "HPSBGN03117", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/security/cve/CVE-2014-6271.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915" }, { "name": "61547", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61547" }, { "name": "HPSBHF03145", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61" }, { "name": "HPSBST03148", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2" }, { "name": "61552", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61552" }, { "name": "61780", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61780" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.citrix.com/article/CTX200223" }, { "name": "DSA-3032", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-3032" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447" }, { "name": "62228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/62228" }, { "name": "HPSBGN03138", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2" }, { "name": "61855", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61855" }, { "name": "HPSBHF03124", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2" }, { "name": "60044", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60044" }, { "name": "61291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61291" }, { "name": "RHSA-2014:1294", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html" }, { "name": "HPSBHF03125", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2" }, { "name": "59737", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59737" }, { "name": "61287", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61287" }, { "name": "HPSBHF03146", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2" }, { "name": "HPSBGN03233", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597" }, { "name": "SSRT101739", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "61711", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61711" }, { "name": "HPSBOV03228", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361" }, { "name": "HPSBGN03141", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2014-0388.html" }, { "name": "61128", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61128" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.citrix.com/article/CTX200217" }, { "name": "61471", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61471" }, { "name": "60055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60055" }, { "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash" }, { "name": "61550", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61550" }, { "name": "61633", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61633" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82" }, { "name": "61328", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61328" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733" }, { "name": "42938", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/42938/" }, { "name": "61129", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61129" }, { "name": "61700", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61700" }, { "name": "61603", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61603" }, { "name": "61857", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61857" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@debian.org", "ID": "CVE-2014-6271", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\" NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "37816", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/37816/" }, { "name": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html" }, { "name": "SUSE-SU-2014:1223", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749" }, { "name": "HPSBMU03165", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2" }, { "name": "SSRT101816", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2" }, { "name": "39918", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39918/" }, { "name": "HPSBHF03119", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2" }, { "name": "RHSA-2014:1295", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html" }, { "name": "openSUSE-SU-2014:1226", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html" }, { "name": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/", "refsource": "CONFIRM", "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/" }, { "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts", "refsource": "CONFIRM", "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts" }, { "name": "HPSBST03131", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2" }, { "name": "SSRT101819", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2" }, { "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded" }, { "name": "HPSBMU03245", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479" }, { "name": "HPSBST03196", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2" }, { "name": "61188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61188" }, { "name": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "refsource": "CONFIRM", "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0" }, { "name": "JVN#55667175", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN55667175/index.html" }, { "name": "61676", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61676" }, { "name": "40619", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40619/" }, { "name": "openSUSE-SU-2014:1254", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html" }, { "name": "60433", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60433" }, { "name": "38849", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/38849/" }, { "name": "HPSBMU03143", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2" }, { "name": "HPSBMU03182", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2" }, { "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673" }, { "name": "SUSE-SU-2014:1260", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html" }, { "name": "HPSBST03155", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541" }, { "name": "61715", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61715" }, { "name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html" }, { "name": "61816", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61816" }, { "name": "openSUSE-SU-2014:1310", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html" }, { "name": "61442", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61442" }, { "name": "HPSBMU03246", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2" }, { "name": "HPSBST03195", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2" }, { "name": "61283", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61283" }, { "name": "SSRT101711", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2" }, { "name": "USN-2362-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2362-1" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085" }, { "name": "openSUSE-SU-2014:1308", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html" }, { "name": "61654", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61654" }, { "name": "61542", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61542" }, { "name": "http://www.novell.com/support/kb/doc.php?id=7015701", "refsource": "CONFIRM", "url": "http://www.novell.com/support/kb/doc.php?id=7015701" }, { "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", "refsource": "CONFIRM", "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315" }, { "name": "62312", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62312" }, { "name": "59272", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59272" }, { "name": "HPSBST03122", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2" }, { "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", "refsource": "CONFIRM", "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html" }, { "name": "HPSBMU03217", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604" }, { "name": "SSRT101868", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "61703", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61703" }, { "name": "http://support.apple.com/kb/HT6495", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6495" }, { "name": "VU#252743", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/252743" }, { "name": "61065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61065" }, { "name": "SUSE-SU-2014:1213", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html" }, { "name": "HPSBST03129", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2" }, { "name": "HPSBMU03144", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131" }, { "name": "70103", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70103" }, { "name": "JVNDB-2014-000126", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126" }, { "name": "SSRT101827", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2" }, { "name": "TA14-268A", "refsource": "CERT", "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A" }, { "name": "SUSE-SU-2014:1212", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html" }, { "name": "61641", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61641" }, { "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648", "refsource": "CONFIRM", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648" }, { "name": "https://access.redhat.com/node/1200223", "refsource": "CONFIRM", "url": "https://access.redhat.com/node/1200223" }, { "name": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html" }, { "name": "SUSE-SU-2014:1287", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914" }, { "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2014/Oct/0" }, { "name": "MDVSA-2015:164", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164" }, { "name": "RHSA-2014:1293", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075" }, { "name": "openSUSE-SU-2014:1238", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html" }, { "name": "HPSBMU03220", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2" }, { "name": "60325", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60325" }, { "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", "refsource": "CONFIRM", "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" }, { "name": "60024", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60024" }, { "name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html" }, { "name": "34879", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/34879/" }, { "name": "https://access.redhat.com/articles/1200223", "refsource": "CONFIRM", "url": "https://access.redhat.com/articles/1200223" }, { "name": "62343", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62343" }, { "name": "61565", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61565" }, { "name": "https://www.suse.com/support/shellshock/", "refsource": "CONFIRM", "url": "https://www.suse.com/support/shellshock/" }, { "name": "HPSBST03157", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2" }, { "name": "61313", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61313" }, { "name": "SSRT101742", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2" }, { "name": "61873", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61873" }, { "name": "61485", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61485" }, { "name": "60947", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60947" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "HPSBST03154", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2" }, { "name": "HPSBST03265", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272" }, { "name": "HPSBGN03142", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2" }, { "name": "61312", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61312" }, { "name": "60193", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60193" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html" }, { "name": "http://linux.oracle.com/errata/ELSA-2014-1294.html", "refsource": "CONFIRM", "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html" }, { "name": "60063", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60063" }, { "name": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html" }, { "name": "60034", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60034" }, { "name": "HPSBMU03133", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2" }, { "name": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", "refsource": "MISC", "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html" }, { "name": "59907", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59907" }, { "name": "58200", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/58200" }, { "name": "HPSBST03181", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2" }, { "name": "61643", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61643" }, { "name": "http://www.novell.com/support/kb/doc.php?id=7015721", "refsource": "CONFIRM", "url": "http://www.novell.com/support/kb/doc.php?id=7015721" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079" }, { "name": "61503", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61503" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246" }, { "name": "RHSA-2014:1354", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html" }, { "name": "40938", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40938/" }, { "name": "HPSBGN03117", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2" }, { "name": "http://support.novell.com/security/cve/CVE-2014-6271.html", "refsource": "CONFIRM", "url": "http://support.novell.com/security/cve/CVE-2014-6271.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915" }, { "name": "61547", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61547" }, { "name": "HPSBHF03145", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2" }, { "name": "http://www.qnap.com/i/en/support/con_show.php?cid=61", "refsource": "CONFIRM", "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61" }, { "name": "HPSBST03148", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2" }, { "name": "61552", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61552" }, { "name": "61780", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61780" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279" }, { "name": "https://support.citrix.com/article/CTX200223", "refsource": "CONFIRM", "url": "https://support.citrix.com/article/CTX200223" }, { "name": "DSA-3032", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-3032" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447" }, { "name": "62228", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62228" }, { "name": "HPSBGN03138", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2" }, { "name": "61855", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61855" }, { "name": "HPSBHF03124", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2" }, { "name": "60044", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60044" }, { "name": "61291", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61291" }, { "name": "RHSA-2014:1294", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html" }, { "name": "HPSBHF03125", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2" }, { "name": "59737", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59737" }, { "name": "61287", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61287" }, { "name": "HPSBHF03146", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2" }, { "name": "HPSBGN03233", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597" }, { "name": "SSRT101739", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "name": "61711", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61711" }, { "name": "HPSBOV03228", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361" }, { "name": "HPSBGN03141", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2" }, { "name": "http://advisories.mageia.org/MGASA-2014-0388.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2014-0388.html" }, { "name": "61128", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61128" }, { "name": "https://support.citrix.com/article/CTX200217", "refsource": "CONFIRM", "url": "https://support.citrix.com/article/CTX200217" }, { "name": "61471", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61471" }, { "name": "60055", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60055" }, { "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash" }, { "name": "61550", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61550" }, { "name": "61633", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61633" }, { "name": "http://linux.oracle.com/errata/ELSA-2014-1293.html", "refsource": "CONFIRM", "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494" }, { "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82", "refsource": "CONFIRM", "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82" }, { "name": "61328", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61328" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733" }, { "name": "42938", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/42938/" }, { "name": "61129", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61129" }, { "name": "61700", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61700" }, { "name": "61603", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61603" }, { "name": "61857", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61857" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879" }, { "name": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html" }, { "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", "refsource": "MISC", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006" } ] } } } }, "cveMetadata": { "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2014-6271", "datePublished": "2014-09-24T18:00:00.000Z", "dateReserved": "2014-09-09T00:00:00.000Z", "dateUpdated": "2025-07-30T01:46:49.578Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4447 (GCVE-0-2014-4447)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Profile Manager in Apple OS X Server before 4.0 allows local users to discover cleartext passwords by reading a file after a (1) profile setup or (2) profile edit occurs.
References
URL | Tags | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.589Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1031071", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031071" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "macosx-cve20144447-info-disc(97646)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97646" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Profile Manager in Apple OS X Server before 4.0 allows local users to discover cleartext passwords by reading a file after a (1) profile setup or (2) profile edit occurs." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "1031071", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031071" }, { "name": "APPLE-SA-2014-10-16-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6536" }, { "name": "macosx-cve20144447-info-disc(97646)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97646" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4447", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Profile Manager in Apple OS X Server before 4.0 allows local users to discover cleartext passwords by reading a file after a (1) profile setup or (2) profile edit occurs." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1031071", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031071" }, { "name": "APPLE-SA-2014-10-16-3", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "name": "https://support.apple.com/kb/HT6536", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6536" }, { "name": "macosx-cve20144447-info-disc(97646)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97646" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4447", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.589Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4373 (GCVE-0-2014-4373)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.138Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "appleios-cve20144373-dos(96108)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96108" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "69934", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69934" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "appleios-cve20144373-dos(96108)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96108" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "69934", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69934" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4373", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "appleios-cve20144373-dos(96108)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96108" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" }, { "name": "69934", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69934" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4373", "datePublished": "2014-09-18T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.138Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4422 (GCVE-0-2014-4422)
Vulnerability from cvelistv5
Published
2014-09-18 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in Apple iOS before 8 and Apple TV before 7 uses a predictable random number generator during the early portion of the boot process, which allows attackers to bypass certain kernel-hardening protection mechanisms by using a user-space process to observe data related to the random numbers.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.531Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030866" }, { "name": "appleios-cve20144422-sec-bypass(96096)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96096" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69882" }, { "name": "69911", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69911" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The kernel in Apple iOS before 8 and Apple TV before 7 uses a predictable random number generator during the early portion of the boot process, which allows attackers to bypass certain kernel-hardening protection mechanisms by using a user-space process to observe data related to the random numbers." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030866" }, { "name": "appleios-cve20144422-sec-bypass(96096)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96096" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69882" }, { "name": "69911", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69911" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4422", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The kernel in Apple iOS before 8 and Apple TV before 7 uses a predictable random number generator during the early portion of the boot process, which allows attackers to bypass certain kernel-hardening protection mechanisms by using a user-space process to observe data related to the random numbers." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.apple.com/kb/HT6441", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6441" }, { "name": "1030866", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030866" }, { "name": "appleios-cve20144422-sec-bypass(96096)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96096" }, { "name": "http://support.apple.com/kb/HT6442", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6442" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "APPLE-SA-2014-09-17-2", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" }, { "name": "69882", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69882" }, { "name": "69911", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69911" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "APPLE-SA-2014-09-17-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4422", "datePublished": "2014-09-18T10:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.531Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4436 (GCVE-0-2014-4436)
Vulnerability from cvelistv5
Published
2014-10-18 01:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IOHIDFamily in Apple OS X before 10.10 allows attackers to cause denial of service (out-of-bounds read operation) via a crafted application.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:12:35.707Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "70616", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70616" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031063" }, { "name": "macosx-cve20144436-dos(97635)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-16T00:00:00", "descriptions": [ { "lang": "en", "value": "IOHIDFamily in Apple OS X before 10.10 allows attackers to cause denial of service (out-of-bounds read operation) via a crafted application." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "70616", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70616" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031063" }, { "name": "macosx-cve20144436-dos(97635)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4436", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IOHIDFamily in Apple OS X before 10.10 allows attackers to cause denial of service (out-of-bounds read operation) via a crafted application." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "70616", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70616" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "1031063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031063" }, { "name": "macosx-cve20144436-dos(97635)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97635" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4436", "datePublished": "2014-10-18T01:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2024-08-06T11:12:35.707Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-0098 (GCVE-0-2014-0098)
Vulnerability from cvelistv5
Published
2014-03-18 01:00
Modified
2024-08-06 09:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T09:05:38.970Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1" }, { "name": "59315", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59315" }, { "name": "58230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/58230" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT204659" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2014-0135.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15320.html" }, { "name": "GLSA-201408-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201408-12.xml" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092" }, { "name": "58915", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/58915" }, { "name": "60536", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60536" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://puppet.com/security/cve/cve-2014-0098" }, { "name": "66303", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/66303" }, { "name": "HPSBUX03102", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2" }, { "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "name": "HPSBUX03150", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141390017113542\u0026w=2" }, { "name": "59219", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59219" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "59345", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59345" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" }, { "name": "APPLE-SA-2015-04-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2014/Dec/23" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c?r1=1575394\u0026r2=1575400\u0026diff_format=h" }, { "name": "SSRT101681", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676091" }, { "name": "USN-2152-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2152-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.apache.org/dist/httpd/CHANGES_2.4.9" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21668973" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [9/13] - /httpd/site/trunk/content/security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210603 svn commit: r1075360 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-03-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-06T10:12:12", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1" }, { "name": "59315", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59315" }, { "name": "58230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/58230" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT204659" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2014-0135.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15320.html" }, { "name": "GLSA-201408-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201408-12.xml" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092" }, { "name": "58915", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/58915" }, { "name": "60536", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60536" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://puppet.com/security/cve/cve-2014-0098" }, { "name": "66303", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/66303" }, { "name": "HPSBUX03102", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2" }, { "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "name": "HPSBUX03150", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141390017113542\u0026w=2" }, { "name": "59219", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59219" }, { "name": "APPLE-SA-2014-10-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "59345", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59345" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" }, { "name": "APPLE-SA-2015-04-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT6535" }, { "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2014/Dec/23" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c?r1=1575394\u0026r2=1575400\u0026diff_format=h" }, { "name": "SSRT101681", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676091" }, { "name": "USN-2152-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2152-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.apache.org/dist/httpd/CHANGES_2.4.9" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21668973" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [9/13] - /httpd/site/trunk/content/security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210603 svn commit: r1075360 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-0098", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1", "refsource": "CONFIRM", "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1" }, { "name": "59315", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59315" }, { "name": "58230", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/58230" }, { "name": "https://support.apple.com/HT204659", "refsource": "CONFIRM", "url": "https://support.apple.com/HT204659" }, { "name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c" }, { "name": "http://advisories.mageia.org/MGASA-2014-0135.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2014-0135.html" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" }, { "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698" }, { "name": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES", "refsource": "CONFIRM", "url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES" }, { "name": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15320.html", "refsource": "CONFIRM", "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15320.html" }, { "name": "GLSA-201408-12", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201408-12.xml" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092" }, { "name": "58915", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/58915" }, { "name": "60536", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60536" }, { "name": "https://puppet.com/security/cve/cve-2014-0098", "refsource": "CONFIRM", "url": "https://puppet.com/security/cve/cve-2014-0098" }, { "name": "66303", "refsource": "BID", "url": "http://www.securityfocus.com/bid/66303" }, { "name": "HPSBUX03102", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2" }, { "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "name": "HPSBUX03150", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141390017113542\u0026w=2" }, { "name": "59219", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59219" }, { "name": "APPLE-SA-2014-10-16-1", "refsource": "APPLE", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "name": "59345", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59345" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" }, { "name": "APPLE-SA-2015-04-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "name": "https://support.apple.com/kb/HT6535", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT6535" }, { "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2014/Dec/23" }, { "name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c?r1=1575394\u0026r2=1575400\u0026diff_format=h", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c?r1=1575394\u0026r2=1575400\u0026diff_format=h" }, { "name": "SSRT101681", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2" }, { "name": "https://httpd.apache.org/security/vulnerabilities_24.html", "refsource": "CONFIRM", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676091", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676091" }, { "name": "USN-2152-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2152-1" }, { "name": "http://www.apache.org/dist/httpd/CHANGES_2.4.9", "refsource": "CONFIRM", "url": "http://www.apache.org/dist/httpd/CHANGES_2.4.9" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21668973", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21668973" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [9/13] - /httpd/site/trunk/content/security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210603 svn commit: r1075360 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0098", "datePublished": "2014-03-18T01:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T09:05:38.970Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…