certfr_avis - certfr-2014-avi-480

Vendor	Product	Description
Juniper Networks	N/A	CTPOS versions antérieures à 6.6R2
ESET	Security	Juniper Security Threat Response Manager versions 2012.1, 2013.1, 2013.2
Juniper Networks	N/A	CTPView versions 4.2, 4.3, 4.4, 4.5, 4.6
Juniper Networks	Junos Space	Junos Space jusqu'à la version 13.3
Juniper Networks	Secure Analytics	Juniper Secure Analytics versions 2013.2, 2014.1, 2014.2
ESET	Security	Network and Security Manager (NSM) version 2012.2

CVE-2010-4008 (GCVE-0-2010-4008)

Vulnerability from cvelistv5

Published

2010-11-16 23:00

Modified

2024-08-07 03:26

Severity ?

CWE

n/a

Summary

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.

References

URL

Tags

	http://secunia.com/advisories/40775	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/42175	third-party-advisory, x_refsource_SECUNIA
	http://mail.gnome.org/archives/xml/2010-November/msg00015.html	mailing-list, x_refsource_MLIST
	http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=130331363227777&w=2	vendor-advisory, x_refsource_HP
	http://www.securityfocus.com/bid/44779	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2011/0230	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2010/3046	vdb-entry, x_refsource_VUPEN
	http://rhn.redhat.com/errata/RHSA-2013-0217.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-1016-1	vendor-advisory, x_refsource_UBUNTU
	http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/	x_refsource_MISC
	http://secunia.com/advisories/42109	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT4566	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html	vendor-advisory, x_refsource_SUSE
	http://www.redhat.com/support/errata/RHSA-2011-1749.html	vendor-advisory, x_refsource_REDHAT
	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/3100	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/42314	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT4554	x_refsource_CONFIRM
	http://www.debian.org/security/2010/dsa-2128	vendor-advisory, x_refsource_DEBIAN
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:243	vendor-advisory, x_refsource_MANDRIVA
	http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html	vendor-advisory, x_refsource_APPLE
	http://marc.info/?l=bugtraq&m=130331363227777&w=2	vendor-advisory, x_refsource_HP
	http://www.vupen.com/english/advisories/2010/3076	vdb-entry, x_refsource_VUPEN
	http://support.apple.com/kb/HT4456	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12148	vdb-entry, signature, x_refsource_OVAL
	http://code.google.com/p/chromium/issues/detail?id=58731	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=139447903326211&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/42429	third-party-advisory, x_refsource_SECUNIA
	http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://support.apple.com/kb/HT4581	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:26:12.386Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "40775",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40775"
          },
          {
            "name": "42175",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42175"
          },
          {
            "name": "[xml] 20101104 Release of libxml2-2.7.8",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail.gnome.org/archives/xml/2010-November/msg00015.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html"
          },
          {
            "name": "HPSBMA02662",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
          },
          {
            "name": "44779",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/44779"
          },
          {
            "name": "ADV-2011-0230",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0230"
          },
          {
            "name": "ADV-2010-3046",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3046"
          },
          {
            "name": "RHSA-2013:0217",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
          },
          {
            "name": "USN-1016-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1016-1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/"
          },
          {
            "name": "42109",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42109"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4566"
          },
          {
            "name": "SUSE-SR:2010:023",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
          },
          {
            "name": "RHSA-2011:1749",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
          },
          {
            "name": "APPLE-SA-2011-03-21-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
          },
          {
            "name": "APPLE-SA-2011-03-02-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html"
          },
          {
            "name": "ADV-2010-3100",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3100"
          },
          {
            "name": "42314",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42314"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4554"
          },
          {
            "name": "DSA-2128",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2128"
          },
          {
            "name": "MDVSA-2010:243",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:243"
          },
          {
            "name": "APPLE-SA-2011-03-09-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
          },
          {
            "name": "SSRT100409",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
          },
          {
            "name": "ADV-2010-3076",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3076"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4456"
          },
          {
            "name": "oval:org.mitre.oval:def:12148",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12148"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=58731"
          },
          {
            "name": "HPSBGN02970",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
          },
          {
            "name": "42429",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42429"
          },
          {
            "name": "APPLE-SA-2010-11-22-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4581"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-11-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "40775",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40775"
        },
        {
          "name": "42175",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42175"
        },
        {
          "name": "[xml] 20101104 Release of libxml2-2.7.8",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail.gnome.org/archives/xml/2010-November/msg00015.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html"
        },
        {
          "name": "HPSBMA02662",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
        },
        {
          "name": "44779",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/44779"
        },
        {
          "name": "ADV-2011-0230",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0230"
        },
        {
          "name": "ADV-2010-3046",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3046"
        },
        {
          "name": "RHSA-2013:0217",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
        },
        {
          "name": "USN-1016-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1016-1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/"
        },
        {
          "name": "42109",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42109"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4566"
        },
        {
          "name": "SUSE-SR:2010:023",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
        },
        {
          "name": "RHSA-2011:1749",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
        },
        {
          "name": "APPLE-SA-2011-03-21-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
        },
        {
          "name": "APPLE-SA-2011-03-02-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html"
        },
        {
          "name": "ADV-2010-3100",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3100"
        },
        {
          "name": "42314",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42314"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4554"
        },
        {
          "name": "DSA-2128",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2128"
        },
        {
          "name": "MDVSA-2010:243",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:243"
        },
        {
          "name": "APPLE-SA-2011-03-09-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
        },
        {
          "name": "SSRT100409",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
        },
        {
          "name": "ADV-2010-3076",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3076"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4456"
        },
        {
          "name": "oval:org.mitre.oval:def:12148",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12148"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=58731"
        },
        {
          "name": "HPSBGN02970",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
        },
        {
          "name": "42429",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42429"
        },
        {
          "name": "APPLE-SA-2010-11-22-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4581"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2010-4008",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "40775",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40775"
            },
            {
              "name": "42175",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42175"
            },
            {
              "name": "[xml] 20101104 Release of libxml2-2.7.8",
              "refsource": "MLIST",
              "url": "http://mail.gnome.org/archives/xml/2010-November/msg00015.html"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html"
            },
            {
              "name": "HPSBMA02662",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
            },
            {
              "name": "44779",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/44779"
            },
            {
              "name": "ADV-2011-0230",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0230"
            },
            {
              "name": "ADV-2010-3046",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/3046"
            },
            {
              "name": "RHSA-2013:0217",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
            },
            {
              "name": "USN-1016-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1016-1"
            },
            {
              "name": "http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/",
              "refsource": "MISC",
              "url": "http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/"
            },
            {
              "name": "42109",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42109"
            },
            {
              "name": "http://support.apple.com/kb/HT4566",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4566"
            },
            {
              "name": "SUSE-SR:2010:023",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
            },
            {
              "name": "RHSA-2011:1749",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
            },
            {
              "name": "APPLE-SA-2011-03-21-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
            },
            {
              "name": "APPLE-SA-2011-03-02-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
            },
            {
              "name": "http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html",
              "refsource": "CONFIRM",
              "url": "http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html"
            },
            {
              "name": "ADV-2010-3100",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/3100"
            },
            {
              "name": "42314",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42314"
            },
            {
              "name": "http://support.apple.com/kb/HT4554",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4554"
            },
            {
              "name": "DSA-2128",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2010/dsa-2128"
            },
            {
              "name": "MDVSA-2010:243",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:243"
            },
            {
              "name": "APPLE-SA-2011-03-09-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
            },
            {
              "name": "SSRT100409",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
            },
            {
              "name": "ADV-2010-3076",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/3076"
            },
            {
              "name": "http://support.apple.com/kb/HT4456",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4456"
            },
            {
              "name": "oval:org.mitre.oval:def:12148",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12148"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=58731",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=58731"
            },
            {
              "name": "HPSBGN02970",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
            },
            {
              "name": "42429",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42429"
            },
            {
              "name": "APPLE-SA-2010-11-22-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4581",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4581"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2010-4008",
    "datePublished": "2010-11-16T23:00:00",
    "dateReserved": "2010-10-20T00:00:00",
    "dateUpdated": "2024-08-07T03:26:12.386Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-4609 (GCVE-0-2011-4609)

Vulnerability from cvelistv5

Published

2013-05-02 14:00

Modified

2024-08-07 00:09

Severity ?

CWE

n/a

Summary

The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections.

References

URL

Tags

https://bugzilla.redhat.com/show_bug.cgi?id=767299

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:09:19.355Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=767299"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-05-02T14:00:00Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=767299"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-4609",
    "datePublished": "2013-05-02T14:00:00Z",
    "dateReserved": "2011-11-29T00:00:00Z",
    "dateUpdated": "2024-08-07T00:09:19.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0421 (GCVE-0-2011-0421)

Vulnerability from cvelistv5

Published

2011-03-20 01:00

Modified

2024-08-06 21:51

Severity ?

CWE

n/a

Summary

The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation.

References

URL

Tags

	http://www.mandriva.com/security/advisories?name=MDVSA-2011:099	vendor-advisory, x_refsource_MANDRIVA
	http://marc.info/?l=bugtraq&m=133469208622507&w=2	vendor-advisory, x_refsource_HP
	http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html	vendor-advisory, x_refsource_FEDORA
	http://www.vupen.com/english/advisories/2011/0764	vdb-entry, x_refsource_VUPEN
	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html	vendor-advisory, x_refsource_FEDORA
	http://securityreason.com/securityalert/8146	third-party-advisory, x_refsource_SREASON
	https://bugzilla.redhat.com/show_bug.cgi?id=688735	x_refsource_CONFIRM
	http://secunia.com/advisories/43621	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:053	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2011/dsa-2266	vendor-advisory, x_refsource_DEBIAN
	http://www.vupen.com/english/advisories/2011/0890	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/66173	vdb-entry, x_refsource_XF
	http://www.php.net/releases/5_3_6.php	x_refsource_CONFIRM
	http://svn.php.net/viewvc/?view=revision&revision=307867	x_refsource_CONFIRM
	http://securityreason.com/achievement_securityalert/96	third-party-advisory, x_refsource_SREASONRES
	http://www.php.net/ChangeLog-5.php	x_refsource_CONFIRM
	http://www.php.net/archive/2011.php	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=133469208622507&w=2	vendor-advisory, x_refsource_HP
	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://www.securityfocus.com/archive/1/517065/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.exploit-db.com/exploits/17004	exploit, x_refsource_EXPLOIT-DB
	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html	vendor-advisory, x_refsource_FEDORA
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:052	vendor-advisory, x_refsource_MANDRIVA
	http://www.vupen.com/english/advisories/2011/0744	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/46354	vdb-entry, x_refsource_BID
	http://support.apple.com/kb/HT5002	x_refsource_CONFIRM
	http://bugs.php.net/bug.php?id=53885	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:51:09.075Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2011:099",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:099"
          },
          {
            "name": "HPSBOV02763",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
          },
          {
            "name": "SUSE-SR:2011:009",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
          },
          {
            "name": "FEDORA-2011-3636",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html"
          },
          {
            "name": "ADV-2011-0764",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0764"
          },
          {
            "name": "FEDORA-2011-3614",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html"
          },
          {
            "name": "8146",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8146"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688735"
          },
          {
            "name": "43621",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43621"
          },
          {
            "name": "MDVSA-2011:053",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053"
          },
          {
            "name": "DSA-2266",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2266"
          },
          {
            "name": "ADV-2011-0890",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0890"
          },
          {
            "name": "libzip-zipnamelocate-dos(66173)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66173"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/releases/5_3_6.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.php.net/viewvc/?view=revision\u0026revision=307867"
          },
          {
            "name": "20110318 libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASONRES",
              "x_transferred"
            ],
            "url": "http://securityreason.com/achievement_securityalert/96"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-5.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/archive/2011.php"
          },
          {
            "name": "SSRT100826",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
          },
          {
            "name": "APPLE-SA-2011-10-12-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
          },
          {
            "name": "20110318 libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/517065/100/0/threaded"
          },
          {
            "name": "17004",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/17004"
          },
          {
            "name": "FEDORA-2011-3666",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html"
          },
          {
            "name": "MDVSA-2011:052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052"
          },
          {
            "name": "ADV-2011-0744",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0744"
          },
          {
            "name": "46354",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46354"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5002"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.php.net/bug.php?id=53885"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "MDVSA-2011:099",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:099"
        },
        {
          "name": "HPSBOV02763",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
        },
        {
          "name": "SUSE-SR:2011:009",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
        },
        {
          "name": "FEDORA-2011-3636",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html"
        },
        {
          "name": "ADV-2011-0764",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0764"
        },
        {
          "name": "FEDORA-2011-3614",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html"
        },
        {
          "name": "8146",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8146"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688735"
        },
        {
          "name": "43621",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43621"
        },
        {
          "name": "MDVSA-2011:053",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053"
        },
        {
          "name": "DSA-2266",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2266"
        },
        {
          "name": "ADV-2011-0890",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0890"
        },
        {
          "name": "libzip-zipnamelocate-dos(66173)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66173"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/releases/5_3_6.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.php.net/viewvc/?view=revision\u0026revision=307867"
        },
        {
          "name": "20110318 libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASONRES"
          ],
          "url": "http://securityreason.com/achievement_securityalert/96"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-5.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/archive/2011.php"
        },
        {
          "name": "SSRT100826",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
        },
        {
          "name": "APPLE-SA-2011-10-12-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
        },
        {
          "name": "20110318 libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/517065/100/0/threaded"
        },
        {
          "name": "17004",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/17004"
        },
        {
          "name": "FEDORA-2011-3666",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html"
        },
        {
          "name": "MDVSA-2011:052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052"
        },
        {
          "name": "ADV-2011-0744",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0744"
        },
        {
          "name": "46354",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46354"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5002"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.php.net/bug.php?id=53885"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2011-0421",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2011:099",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:099"
            },
            {
              "name": "HPSBOV02763",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
            },
            {
              "name": "SUSE-SR:2011:009",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
            },
            {
              "name": "FEDORA-2011-3636",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html"
            },
            {
              "name": "ADV-2011-0764",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0764"
            },
            {
              "name": "FEDORA-2011-3614",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html"
            },
            {
              "name": "8146",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8146"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=688735",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688735"
            },
            {
              "name": "43621",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43621"
            },
            {
              "name": "MDVSA-2011:053",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053"
            },
            {
              "name": "DSA-2266",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2266"
            },
            {
              "name": "ADV-2011-0890",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0890"
            },
            {
              "name": "libzip-zipnamelocate-dos(66173)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66173"
            },
            {
              "name": "http://www.php.net/releases/5_3_6.php",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/releases/5_3_6.php"
            },
            {
              "name": "http://svn.php.net/viewvc/?view=revision\u0026revision=307867",
              "refsource": "CONFIRM",
              "url": "http://svn.php.net/viewvc/?view=revision\u0026revision=307867"
            },
            {
              "name": "20110318 libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)",
              "refsource": "SREASONRES",
              "url": "http://securityreason.com/achievement_securityalert/96"
            },
            {
              "name": "http://www.php.net/ChangeLog-5.php",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/ChangeLog-5.php"
            },
            {
              "name": "http://www.php.net/archive/2011.php",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/archive/2011.php"
            },
            {
              "name": "SSRT100826",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
            },
            {
              "name": "APPLE-SA-2011-10-12-3",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
            },
            {
              "name": "20110318 libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/517065/100/0/threaded"
            },
            {
              "name": "17004",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/17004"
            },
            {
              "name": "FEDORA-2011-3666",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html"
            },
            {
              "name": "MDVSA-2011:052",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052"
            },
            {
              "name": "ADV-2011-0744",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0744"
            },
            {
              "name": "46354",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/46354"
            },
            {
              "name": "http://support.apple.com/kb/HT5002",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5002"
            },
            {
              "name": "http://bugs.php.net/bug.php?id=53885",
              "refsource": "CONFIRM",
              "url": "http://bugs.php.net/bug.php?id=53885"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2011-0421",
    "datePublished": "2011-03-20T01:00:00",
    "dateReserved": "2011-01-11T00:00:00",
    "dateUpdated": "2024-08-06T21:51:09.075Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-0095 (GCVE-0-2014-0095)

Vulnerability from cvelistv5

Published

2014-05-31 10:00

Modified

2024-08-06 09:05

Severity ?

CWE

n/a

Summary

java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial of service (thread consumption) by using a "Content-Length: 0" AJP request to trigger a hang in request processing.

References

URL

Tags

	http://www-01.ibm.com/support/docview.wss?uid=swg21681528	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2014/May/134	mailing-list, x_refsource_FULLDISC
	http://tomcat.apache.org/security-8.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21678231	x_refsource_CONFIRM
	http://secunia.com/advisories/59873	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/67673	vdb-entry, x_refsource_BID
	http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1578392	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1030300	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/60729	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:05:38.232Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
          },
          {
            "name": "20140527 [SECURITY] CVE-2014-0095 Apache Tomcat denial of service",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/May/134"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-8.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
          },
          {
            "name": "59873",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59873"
          },
          {
            "name": "67673",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/67673"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578392"
          },
          {
            "name": "1030300",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030300"
          },
          {
            "name": "60729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60729"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial of service (thread consumption) by using a \"Content-Length: 0\" AJP request to trigger a hang in request processing."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-14T16:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
        },
        {
          "name": "20140527 [SECURITY] CVE-2014-0095 Apache Tomcat denial of service",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/May/134"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-8.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
        },
        {
          "name": "59873",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59873"
        },
        {
          "name": "67673",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/67673"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578392"
        },
        {
          "name": "1030300",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030300"
        },
        {
          "name": "60729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60729"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2014-0095",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial of service (thread consumption) by using a \"Content-Length: 0\" AJP request to trigger a hang in request processing."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
            },
            {
              "name": "20140527 [SECURITY] CVE-2014-0095 Apache Tomcat denial of service",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/May/134"
            },
            {
              "name": "http://tomcat.apache.org/security-8.html",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-8.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
            },
            {
              "name": "59873",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59873"
            },
            {
              "name": "67673",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/67673"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578392",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578392"
            },
            {
              "name": "1030300",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030300"
            },
            {
              "name": "60729",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60729"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-0095",
    "datePublished": "2014-05-31T10:00:00",
    "dateReserved": "2013-12-03T00:00:00",
    "dateUpdated": "2024-08-06T09:05:38.232Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-3368 (GCVE-0-2011-3368)

Vulnerability from cvelistv5

Published

2011-10-05 22:00

Modified

2024-08-06 23:29

Severity ?

CWE

n/a

Summary

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.

References

URL

Tags

	http://web.archiveorange.com/archive/v/ZyS0hzECD5zzb2NkvQlt	mailing-list, x_refsource_MLIST
	http://svn.apache.org/viewvc?view=revision&revision=1179239	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=134987041210674&w=2	vendor-advisory, x_refsource_HP
	http://www.contextis.com/research/blog/reverseproxybypass/	x_refsource_MISC
	http://seclists.org/fulldisclosure/2011/Oct/273	mailing-list, x_refsource_FULLDISC
	http://www.redhat.com/support/errata/RHSA-2011-1391.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=nas2b7c57b1f1035675186257927003c8d48	vendor-advisory, x_refsource_AIXAPAR
	http://rhn.redhat.com/errata/RHSA-2012-0543.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=134987041210674&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/46288	third-party-advisory, x_refsource_SECUNIA
	http://osvdb.org/76079	vdb-entry, x_refsource_OSVDB
	http://www.exploit-db.com/exploits/17969	exploit, x_refsource_EXPLOIT-DB
	http://marc.info/?l=bugtraq&m=133294460209056&w=2	vendor-advisory, x_refsource_HP
	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/49957	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=nas2064c7e5f53452ff686257927003c8d42	vendor-advisory, x_refsource_AIXAPAR
	http://marc.info/?l=bugtraq&m=133294460209056&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2012-0542.html	vendor-advisory, x_refsource_REDHAT
	http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html	vendor-advisory, x_refsource_APPLE
	http://support.apple.com/kb/HT5501	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/70336	vdb-entry, x_refsource_XF
	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=740045	x_refsource_CONFIRM
	http://www.securitytracker.com/id?1026144	vdb-entry, x_refsource_SECTRACK
	http://www.redhat.com/support/errata/RHSA-2011-1392.html	vendor-advisory, x_refsource_REDHAT
	http://seclists.org/fulldisclosure/2011/Oct/232	mailing-list, x_refsource_FULLDISC
	http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html	vendor-advisory, x_refsource_SUSE
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:144	vendor-advisory, x_refsource_MANDRIVA
	http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/46414	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/48551	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2012/dsa-2405	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html	vendor-advisory, x_refsource_SUSE
	http://kb.juniper.net/JSA10585	x_refsource_CONFIRM
	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:29:56.890Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[announce] 20111005 Advisory: mod_proxy reverse proxy exposure (CVE-2011-3368)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://web.archiveorange.com/archive/v/ZyS0hzECD5zzb2NkvQlt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1179239"
          },
          {
            "name": "SSRT100966",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.contextis.com/research/blog/reverseproxybypass/"
          },
          {
            "name": "20111005 Context IS Advisory - Apache Reverse Proxy Bypass Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2011/Oct/273"
          },
          {
            "name": "RHSA-2011:1391",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1391.html"
          },
          {
            "name": "SE49724",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=nas2b7c57b1f1035675186257927003c8d48"
          },
          {
            "name": "RHSA-2012:0543",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0543.html"
          },
          {
            "name": "HPSBOV02822",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
          },
          {
            "name": "46288",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46288"
          },
          {
            "name": "76079",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/76079"
          },
          {
            "name": "17969",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/17969"
          },
          {
            "name": "SSRT100772",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133294460209056\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
          },
          {
            "name": "49957",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/49957"
          },
          {
            "name": "SE49723",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=nas2064c7e5f53452ff686257927003c8d42"
          },
          {
            "name": "HPSBMU02748",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133294460209056\u0026w=2"
          },
          {
            "name": "RHSA-2012:0542",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0542.html"
          },
          {
            "name": "APPLE-SA-2012-09-19-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5501"
          },
          {
            "name": "apache-modproxy-information-disclosure(70336)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70336"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=740045"
          },
          {
            "name": "1026144",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026144"
          },
          {
            "name": "RHSA-2011:1392",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1392.html"
          },
          {
            "name": "20111005 Apache HTTP Server: mod_proxy reverse proxy exposure (CVE-2011-3368)",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2011/Oct/232"
          },
          {
            "name": "openSUSE-SU-2013:0248",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"
          },
          {
            "name": "MDVSA-2011:144",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:144"
          },
          {
            "name": "openSUSE-SU-2013:0243",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"
          },
          {
            "name": "MDVSA-2013:150",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
          },
          {
            "name": "46414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46414"
          },
          {
            "name": "48551",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48551"
          },
          {
            "name": "DSA-2405",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2405"
          },
          {
            "name": "SUSE-SU-2011:1229",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/JSA10585"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1888194 [7/13] - /httpd/site/trunk/content/security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073139 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1888222 - in /httpd/site/trunk/content/security/json: CVE-2010-2068.json CVE-2010-2791.json CVE-2011-0419.json CVE-2011-3368.json",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-10-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-06T10:09:39",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[announce] 20111005 Advisory: mod_proxy reverse proxy exposure (CVE-2011-3368)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://web.archiveorange.com/archive/v/ZyS0hzECD5zzb2NkvQlt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1179239"
        },
        {
          "name": "SSRT100966",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.contextis.com/research/blog/reverseproxybypass/"
        },
        {
          "name": "20111005 Context IS Advisory - Apache Reverse Proxy Bypass Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2011/Oct/273"
        },
        {
          "name": "RHSA-2011:1391",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-1391.html"
        },
        {
          "name": "SE49724",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=nas2b7c57b1f1035675186257927003c8d48"
        },
        {
          "name": "RHSA-2012:0543",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0543.html"
        },
        {
          "name": "HPSBOV02822",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
        },
        {
          "name": "46288",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46288"
        },
        {
          "name": "76079",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/76079"
        },
        {
          "name": "17969",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/17969"
        },
        {
          "name": "SSRT100772",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133294460209056\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
        },
        {
          "name": "49957",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/49957"
        },
        {
          "name": "SE49723",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=nas2064c7e5f53452ff686257927003c8d42"
        },
        {
          "name": "HPSBMU02748",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133294460209056\u0026w=2"
        },
        {
          "name": "RHSA-2012:0542",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0542.html"
        },
        {
          "name": "APPLE-SA-2012-09-19-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5501"
        },
        {
          "name": "apache-modproxy-information-disclosure(70336)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70336"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=740045"
        },
        {
          "name": "1026144",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026144"
        },
        {
          "name": "RHSA-2011:1392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-1392.html"
        },
        {
          "name": "20111005 Apache HTTP Server: mod_proxy reverse proxy exposure (CVE-2011-3368)",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2011/Oct/232"
        },
        {
          "name": "openSUSE-SU-2013:0248",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"
        },
        {
          "name": "MDVSA-2011:144",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:144"
        },
        {
          "name": "openSUSE-SU-2013:0243",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"
        },
        {
          "name": "MDVSA-2013:150",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
        },
        {
          "name": "46414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46414"
        },
        {
          "name": "48551",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48551"
        },
        {
          "name": "DSA-2405",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2405"
        },
        {
          "name": "SUSE-SU-2011:1229",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/JSA10585"
        },
        {
          "name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1888194 [7/13] - /httpd/site/trunk/content/security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073139 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1888222 - in /httpd/site/trunk/content/security/json: CVE-2010-2068.json CVE-2010-2791.json CVE-2011-0419.json CVE-2011-3368.json",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2011-3368",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[announce] 20111005 Advisory: mod_proxy reverse proxy exposure (CVE-2011-3368)",
              "refsource": "MLIST",
              "url": "http://web.archiveorange.com/archive/v/ZyS0hzECD5zzb2NkvQlt"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1179239",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1179239"
            },
            {
              "name": "SSRT100966",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
            },
            {
              "name": "http://www.contextis.com/research/blog/reverseproxybypass/",
              "refsource": "MISC",
              "url": "http://www.contextis.com/research/blog/reverseproxybypass/"
            },
            {
              "name": "20111005 Context IS Advisory - Apache Reverse Proxy Bypass Vulnerability",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2011/Oct/273"
            },
            {
              "name": "RHSA-2011:1391",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1391.html"
            },
            {
              "name": "SE49724",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=nas2b7c57b1f1035675186257927003c8d48"
            },
            {
              "name": "RHSA-2012:0543",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0543.html"
            },
            {
              "name": "HPSBOV02822",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
            },
            {
              "name": "46288",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/46288"
            },
            {
              "name": "76079",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/76079"
            },
            {
              "name": "17969",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/17969"
            },
            {
              "name": "SSRT100772",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133294460209056\u0026w=2"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
            },
            {
              "name": "49957",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/49957"
            },
            {
              "name": "SE49723",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=nas2064c7e5f53452ff686257927003c8d42"
            },
            {
              "name": "HPSBMU02748",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133294460209056\u0026w=2"
            },
            {
              "name": "RHSA-2012:0542",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0542.html"
            },
            {
              "name": "APPLE-SA-2012-09-19-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5501",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5501"
            },
            {
              "name": "apache-modproxy-information-disclosure(70336)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70336"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=740045",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=740045"
            },
            {
              "name": "1026144",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026144"
            },
            {
              "name": "RHSA-2011:1392",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1392.html"
            },
            {
              "name": "20111005 Apache HTTP Server: mod_proxy reverse proxy exposure (CVE-2011-3368)",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2011/Oct/232"
            },
            {
              "name": "openSUSE-SU-2013:0248",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"
            },
            {
              "name": "MDVSA-2011:144",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:144"
            },
            {
              "name": "openSUSE-SU-2013:0243",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"
            },
            {
              "name": "MDVSA-2013:150",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            },
            {
              "name": "46414",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/46414"
            },
            {
              "name": "48551",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48551"
            },
            {
              "name": "DSA-2405",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2405"
            },
            {
              "name": "SUSE-SU-2011:1229",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
            },
            {
              "name": "http://kb.juniper.net/JSA10585",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/JSA10585"
            },
            {
              "name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1888194 [7/13] - /httpd/site/trunk/content/security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073139 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1888222 - in /httpd/site/trunk/content/security/json: CVE-2010-2068.json CVE-2010-2791.json CVE-2011-0419.json CVE-2011-3368.json",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-3368",
    "datePublished": "2011-10-05T22:00:00",
    "dateReserved": "2011-08-30T00:00:00",
    "dateUpdated": "2024-08-06T23:29:56.890Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-2956 (GCVE-0-2010-2956)

Vulnerability from cvelistv5

Published

2010-09-10 18:00

Modified

2024-08-07 02:55

Severity ?

CWE

n/a

Summary

Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.

References

URL

Tags

	http://www.vupen.com/english/advisories/2010/2312	vdb-entry, x_refsource_VUPEN
	https://bugzilla.redhat.com/show_bug.cgi?id=628628	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/2318	vdb-entry, x_refsource_VUPEN
	http://www.vmware.com/security/advisories/VMSA-2011-0001.html	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:175	vendor-advisory, x_refsource_MANDRIVA
	http://www.vupen.com/english/advisories/2010/2320	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/archive/1/514489/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2010/2358	vdb-entry, x_refsource_VUPEN
	http://www.sudo.ws/sudo/alerts/runas_group.html	x_refsource_CONFIRM
	http://wiki.rpath.com/Advisories:rPSA-2010-0075	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047516.html	vendor-advisory, x_refsource_FEDORA
	http://security.gentoo.org/glsa/glsa-201009-03.xml	vendor-advisory, x_refsource_GENTOO
	http://www.securityfocus.com/archive/1/515545/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/43019	vdb-entry, x_refsource_BID
	http://www.redhat.com/support/errata/RHSA-2010-0675.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/40508	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id?1024392	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/42787	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0025	vdb-entry, x_refsource_VUPEN
	http://www.ubuntu.com/usn/USN-983-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/41316	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:55:46.374Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2010-2312",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2312"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=628628"
          },
          {
            "name": "ADV-2010-2318",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2318"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0001.html"
          },
          {
            "name": "MDVSA-2010:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:175"
          },
          {
            "name": "ADV-2010-2320",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2320"
          },
          {
            "name": "20101027 rPSA-2010-0075-1 sudo",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
          },
          {
            "name": "ADV-2010-2358",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2358"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/sudo/alerts/runas_group.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
          },
          {
            "name": "FEDORA-2010-14355",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047516.html"
          },
          {
            "name": "GLSA-201009-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201009-03.xml"
          },
          {
            "name": "20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/515545/100/0/threaded"
          },
          {
            "name": "SUSE-SR:2010:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
          },
          {
            "name": "43019",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/43019"
          },
          {
            "name": "RHSA-2010:0675",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0675.html"
          },
          {
            "name": "40508",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40508"
          },
          {
            "name": "1024392",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024392"
          },
          {
            "name": "42787",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42787"
          },
          {
            "name": "ADV-2011-0025",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0025"
          },
          {
            "name": "USN-983-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-983-1"
          },
          {
            "name": "41316",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41316"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a \"-u root\" sequence."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "ADV-2010-2312",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2312"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=628628"
        },
        {
          "name": "ADV-2010-2318",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2318"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2011-0001.html"
        },
        {
          "name": "MDVSA-2010:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:175"
        },
        {
          "name": "ADV-2010-2320",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2320"
        },
        {
          "name": "20101027 rPSA-2010-0075-1 sudo",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
        },
        {
          "name": "ADV-2010-2358",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2358"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/sudo/alerts/runas_group.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
        },
        {
          "name": "FEDORA-2010-14355",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047516.html"
        },
        {
          "name": "GLSA-201009-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201009-03.xml"
        },
        {
          "name": "20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/515545/100/0/threaded"
        },
        {
          "name": "SUSE-SR:2010:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
        },
        {
          "name": "43019",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/43019"
        },
        {
          "name": "RHSA-2010:0675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0675.html"
        },
        {
          "name": "40508",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40508"
        },
        {
          "name": "1024392",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024392"
        },
        {
          "name": "42787",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42787"
        },
        {
          "name": "ADV-2011-0025",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0025"
        },
        {
          "name": "USN-983-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-983-1"
        },
        {
          "name": "41316",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41316"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-2956",
    "datePublished": "2010-09-10T18:00:00",
    "dateReserved": "2010-08-04T00:00:00",
    "dateUpdated": "2024-08-07T02:55:46.374Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-1944 (GCVE-0-2011-1944)

Vulnerability from cvelistv5

Published

2011-09-02 16:00

Modified

2024-08-06 22:46

Severity ?

CWE

n/a

Summary

Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.

References

URL

Tags

	http://www.securityfocus.com/bid/48056	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/44711	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:131	vendor-advisory, x_refsource_MANDRIVA
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041	vendor-advisory, x_refsource_HP
	http://lists.opensuse.org/opensuse-updates/2011-07/msg00035.html	vendor-advisory, x_refsource_SUSE
	http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://support.apple.com/kb/HT5503	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=709747	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-0217.html	vendor-advisory, x_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2011-1749.html	vendor-advisory, x_refsource_REDHAT
	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	x_refsource_CONFIRM
	http://www.debian.org/security/2011/dsa-2255	vendor-advisory, x_refsource_DEBIAN
	http://www.osvdb.org/73248	vdb-entry, x_refsource_OSVDB
	http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html	x_refsource_MISC
	http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062238.html	vendor-advisory, x_refsource_FEDORA
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041	vendor-advisory, x_refsource_HP
	http://www.openwall.com/lists/oss-security/2011/05/31/8	mailing-list, x_refsource_MLIST
	http://support.apple.com/kb/HT5281	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2012/May/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://ubuntu.com/usn/usn-1153-1	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:46:00.842Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "48056",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48056"
          },
          {
            "name": "44711",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44711"
          },
          {
            "name": "MDVSA-2011:131",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:131"
          },
          {
            "name": "HPSBMU02786",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
          },
          {
            "name": "openSUSE-SU-2011:0839",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2011-07/msg00035.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4"
          },
          {
            "name": "APPLE-SA-2012-09-19-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5503"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=709747"
          },
          {
            "name": "RHSA-2013:0217",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
          },
          {
            "name": "RHSA-2011:1749",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
          },
          {
            "name": "DSA-2255",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2255"
          },
          {
            "name": "73248",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/73248"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html"
          },
          {
            "name": "FEDORA-2011-7856",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062238.html"
          },
          {
            "name": "SSRT100877",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
          },
          {
            "name": "[oss-security] 20110531 Re: CVE request: libxml vulnerability and interesting integer issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/05/31/8"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5281"
          },
          {
            "name": "APPLE-SA-2012-05-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
          },
          {
            "name": "USN-1153-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1153-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-05-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-06-15T19:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "48056",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48056"
        },
        {
          "name": "44711",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44711"
        },
        {
          "name": "MDVSA-2011:131",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:131"
        },
        {
          "name": "HPSBMU02786",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
        },
        {
          "name": "openSUSE-SU-2011:0839",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2011-07/msg00035.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4"
        },
        {
          "name": "APPLE-SA-2012-09-19-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5503"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=709747"
        },
        {
          "name": "RHSA-2013:0217",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
        },
        {
          "name": "RHSA-2011:1749",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
        },
        {
          "name": "DSA-2255",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2255"
        },
        {
          "name": "73248",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/73248"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html"
        },
        {
          "name": "FEDORA-2011-7856",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062238.html"
        },
        {
          "name": "SSRT100877",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
        },
        {
          "name": "[oss-security] 20110531 Re: CVE request: libxml vulnerability and interesting integer issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/05/31/8"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5281"
        },
        {
          "name": "APPLE-SA-2012-05-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
        },
        {
          "name": "USN-1153-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1153-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2011-1944",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "48056",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/48056"
            },
            {
              "name": "44711",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44711"
            },
            {
              "name": "MDVSA-2011:131",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:131"
            },
            {
              "name": "HPSBMU02786",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "openSUSE-SU-2011:0839",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2011-07/msg00035.html"
            },
            {
              "name": "http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4",
              "refsource": "CONFIRM",
              "url": "http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4"
            },
            {
              "name": "APPLE-SA-2012-09-19-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5503",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5503"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=709747",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=709747"
            },
            {
              "name": "RHSA-2013:0217",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
            },
            {
              "name": "RHSA-2011:1749",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
            },
            {
              "name": "DSA-2255",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2255"
            },
            {
              "name": "73248",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/73248"
            },
            {
              "name": "http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html",
              "refsource": "MISC",
              "url": "http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html"
            },
            {
              "name": "FEDORA-2011-7856",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062238.html"
            },
            {
              "name": "SSRT100877",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "[oss-security] 20110531 Re: CVE request: libxml vulnerability and interesting integer issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2011/05/31/8"
            },
            {
              "name": "http://support.apple.com/kb/HT5281",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5281"
            },
            {
              "name": "APPLE-SA-2012-05-09-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
            },
            {
              "name": "USN-1153-1",
              "refsource": "UBUNTU",
              "url": "http://ubuntu.com/usn/usn-1153-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-1944",
    "datePublished": "2011-09-02T16:00:00",
    "dateReserved": "2011-05-09T00:00:00",
    "dateUpdated": "2024-08-06T22:46:00.842Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-5908 (GCVE-0-2013-5908)

Vulnerability from cvelistv5

Published

2014-01-15 01:33

Modified

2024-08-06 17:29

Severity ?

CWE

n/a

Summary

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.

References

URL

Tags

	http://ubuntu.com/usn/usn-2086-1	vendor-advisory, x_refsource_UBUNTU
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698	x_refsource_CONFIRM
	http://osvdb.org/102078	vdb-entry, x_refsource_OSVDB
	http://www.debian.org/security/2014/dsa-2845	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/56491	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2014-0186.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/64896	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/56541	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2014/dsa-2848	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/56580	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/90389	vdb-entry, x_refsource_XF
	http://rhn.redhat.com/errata/RHSA-2014-0173.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2014-0189.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2014-0164.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/64758	vdb-entry, x_refsource_BID
	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html	x_refsource_CONFIRM
	http://security.gentoo.org/glsa/glsa-201409-04.xml	vendor-advisory, x_refsource_GENTOO

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:29:41.200Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2086-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-2086-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
          },
          {
            "name": "102078",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/102078"
          },
          {
            "name": "DSA-2845",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2845"
          },
          {
            "name": "56491",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56491"
          },
          {
            "name": "RHSA-2014:0186",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0186.html"
          },
          {
            "name": "64896",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/64896"
          },
          {
            "name": "56541",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56541"
          },
          {
            "name": "DSA-2848",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2848"
          },
          {
            "name": "56580",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56580"
          },
          {
            "name": "oracle-cpujan2014-cve20135908(90389)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90389"
          },
          {
            "name": "RHSA-2014:0173",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0173.html"
          },
          {
            "name": "RHSA-2014:0189",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0189.html"
          },
          {
            "name": "RHSA-2014:0164",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0164.html"
          },
          {
            "name": "64758",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/64758"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
          },
          {
            "name": "GLSA-201409-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201409-04.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "USN-2086-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-2086-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
        },
        {
          "name": "102078",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/102078"
        },
        {
          "name": "DSA-2845",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2845"
        },
        {
          "name": "56491",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56491"
        },
        {
          "name": "RHSA-2014:0186",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0186.html"
        },
        {
          "name": "64896",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/64896"
        },
        {
          "name": "56541",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56541"
        },
        {
          "name": "DSA-2848",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2848"
        },
        {
          "name": "56580",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56580"
        },
        {
          "name": "oracle-cpujan2014-cve20135908(90389)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90389"
        },
        {
          "name": "RHSA-2014:0173",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0173.html"
        },
        {
          "name": "RHSA-2014:0189",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0189.html"
        },
        {
          "name": "RHSA-2014:0164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0164.html"
        },
        {
          "name": "64758",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/64758"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
        },
        {
          "name": "GLSA-201409-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201409-04.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2013-5908",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2086-1",
              "refsource": "UBUNTU",
              "url": "http://ubuntu.com/usn/usn-2086-1"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
            },
            {
              "name": "102078",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/102078"
            },
            {
              "name": "DSA-2845",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-2845"
            },
            {
              "name": "56491",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56491"
            },
            {
              "name": "RHSA-2014:0186",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0186.html"
            },
            {
              "name": "64896",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/64896"
            },
            {
              "name": "56541",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56541"
            },
            {
              "name": "DSA-2848",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-2848"
            },
            {
              "name": "56580",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56580"
            },
            {
              "name": "oracle-cpujan2014-cve20135908(90389)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90389"
            },
            {
              "name": "RHSA-2014:0173",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0173.html"
            },
            {
              "name": "RHSA-2014:0189",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0189.html"
            },
            {
              "name": "RHSA-2014:0164",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0164.html"
            },
            {
              "name": "64758",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/64758"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
            },
            {
              "name": "GLSA-201409-04",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201409-04.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2013-5908",
    "datePublished": "2014-01-15T01:33:00",
    "dateReserved": "2013-09-18T00:00:00",
    "dateUpdated": "2024-08-06T17:29:41.200Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-0099 (GCVE-0-2014-0099)

Vulnerability from cvelistv5

Published

2014-05-31 10:00

Modified

2024-08-06 09:05

Severity ?

CWE

n/a

Summary

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.

References

URL

Tags

	http://advisories.mageia.org/MGASA-2014-0268.html	x_refsource_CONFIRM
	http://secunia.com/advisories/59121	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2015-0765.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/59732	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59835	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/532221/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://rhn.redhat.com/errata/RHSA-2015-0675.html	vendor-advisory, x_refsource_REDHAT
	http://www.vmware.com/security/advisories/VMSA-2014-0012.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21681528	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:052	vendor-advisory, x_refsource_MANDRIVA
	http://rhn.redhat.com/errata/RHSA-2015-0720.html	vendor-advisory, x_refsource_REDHAT
	http://seclists.org/fulldisclosure/2014/May/140	mailing-list, x_refsource_FULLDISC
	http://secunia.com/advisories/59849	third-party-advisory, x_refsource_SECUNIA
	http://linux.oracle.com/errata/ELSA-2014-0865.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/67668	vdb-entry, x_refsource_BID
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:084	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2016/dsa-3530	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/59678	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141017844705317&w=2	vendor-advisory, x_refsource_HP
	http://www.securityfocus.com/archive/1/532218/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://tomcat.apache.org/security-7.html	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/534161/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:053	vendor-advisory, x_refsource_MANDRIVA
	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141390017113542&w=2	vendor-advisory, x_refsource_HP
	http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html	vendor-advisory, x_refsource_FEDORA
	http://tomcat.apache.org/security-8.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21678231	x_refsource_CONFIRM
	http://tomcat.apache.org/security-6.html	x_refsource_CONFIRM
	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	x_refsource_CONFIRM
	http://secunia.com/advisories/59873	third-party-advisory, x_refsource_SECUNIA
	http://svn.apache.org/viewvc?view=revision&revision=1578814	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2014/Dec/23	mailing-list, x_refsource_FULLDISC
	http://www.securitytracker.com/id/1030302	vdb-entry, x_refsource_SECTRACK
	http://marc.info/?l=bugtraq&m=144498216801440&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141017844705317&w=2	vendor-advisory, x_refsource_HP
	http://svn.apache.org/viewvc?view=revision&revision=1578812	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1580473	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3447	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/60729	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60793	third-party-advisory, x_refsource_SECUNIA
	http://seclists.org/fulldisclosure/2014/May/138	mailing-list, x_refsource_FULLDISC
	http://www-01.ibm.com/support/docview.wss?uid=swg21680603	x_refsource_CONFIRM
	https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:05:38.296Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2014-0268.html"
          },
          {
            "name": "59121",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59121"
          },
          {
            "name": "RHSA-2015:0765",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
          },
          {
            "name": "59732",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59732"
          },
          {
            "name": "59835",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59835"
          },
          {
            "name": "20140527 Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/532221/100/0/threaded"
          },
          {
            "name": "RHSA-2015:0675",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
          },
          {
            "name": "MDVSA-2015:052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052"
          },
          {
            "name": "RHSA-2015:0720",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
          },
          {
            "name": "20140527 [SECURITY]  Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/May/140"
          },
          {
            "name": "59849",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59849"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-0865.html"
          },
          {
            "name": "67668",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/67668"
          },
          {
            "name": "MDVSA-2015:084",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084"
          },
          {
            "name": "DSA-3530",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3530"
          },
          {
            "name": "59678",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59678"
          },
          {
            "name": "HPSBUX03102",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
          },
          {
            "name": "20140527 [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/532218/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-7.html"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
          },
          {
            "name": "MDVSA-2015:053",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:053"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "name": "HPSBUX03150",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141390017113542\u0026w=2"
          },
          {
            "name": "FEDORA-2015-2109",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-8.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-6.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
          },
          {
            "name": "59873",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59873"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578814"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
          },
          {
            "name": "1030302",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030302"
          },
          {
            "name": "HPSBOV03503",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144498216801440\u0026w=2"
          },
          {
            "name": "SSRT101681",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578812"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1580473"
          },
          {
            "name": "DSA-3447",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3447"
          },
          {
            "name": "60729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60729"
          },
          {
            "name": "60793",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60793"
          },
          {
            "name": "20140527 [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/May/138"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680603"
          },
          {
            "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-13T16:09:53",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2014-0268.html"
        },
        {
          "name": "59121",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59121"
        },
        {
          "name": "RHSA-2015:0765",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
        },
        {
          "name": "59732",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59732"
        },
        {
          "name": "59835",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59835"
        },
        {
          "name": "20140527 Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/532221/100/0/threaded"
        },
        {
          "name": "RHSA-2015:0675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
        },
        {
          "name": "MDVSA-2015:052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052"
        },
        {
          "name": "RHSA-2015:0720",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
        },
        {
          "name": "20140527 [SECURITY]  Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/May/140"
        },
        {
          "name": "59849",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59849"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-0865.html"
        },
        {
          "name": "67668",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/67668"
        },
        {
          "name": "MDVSA-2015:084",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084"
        },
        {
          "name": "DSA-3530",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3530"
        },
        {
          "name": "59678",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59678"
        },
        {
          "name": "HPSBUX03102",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
        },
        {
          "name": "20140527 [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/532218/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-7.html"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
        },
        {
          "name": "MDVSA-2015:053",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:053"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
        },
        {
          "name": "HPSBUX03150",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141390017113542\u0026w=2"
        },
        {
          "name": "FEDORA-2015-2109",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-8.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-6.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
        },
        {
          "name": "59873",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59873"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578814"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
        },
        {
          "name": "1030302",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030302"
        },
        {
          "name": "HPSBOV03503",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144498216801440\u0026w=2"
        },
        {
          "name": "SSRT101681",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578812"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1580473"
        },
        {
          "name": "DSA-3447",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3447"
        },
        {
          "name": "60729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60729"
        },
        {
          "name": "60793",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60793"
        },
        {
          "name": "20140527 [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/May/138"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680603"
        },
        {
          "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2014-0099",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://advisories.mageia.org/MGASA-2014-0268.html",
              "refsource": "CONFIRM",
              "url": "http://advisories.mageia.org/MGASA-2014-0268.html"
            },
            {
              "name": "59121",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59121"
            },
            {
              "name": "RHSA-2015:0765",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
            },
            {
              "name": "59732",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59732"
            },
            {
              "name": "59835",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59835"
            },
            {
              "name": "20140527 Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/532221/100/0/threaded"
            },
            {
              "name": "RHSA-2015:0675",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
            },
            {
              "name": "MDVSA-2015:052",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052"
            },
            {
              "name": "RHSA-2015:0720",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
            },
            {
              "name": "20140527 [SECURITY]  Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/May/140"
            },
            {
              "name": "59849",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59849"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-0865.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-0865.html"
            },
            {
              "name": "67668",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/67668"
            },
            {
              "name": "MDVSA-2015:084",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084"
            },
            {
              "name": "DSA-3530",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3530"
            },
            {
              "name": "59678",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59678"
            },
            {
              "name": "HPSBUX03102",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
            },
            {
              "name": "20140527 [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/532218/100/0/threaded"
            },
            {
              "name": "http://tomcat.apache.org/security-7.html",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-7.html"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
            },
            {
              "name": "MDVSA-2015:053",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:053"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
            },
            {
              "name": "HPSBUX03150",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141390017113542\u0026w=2"
            },
            {
              "name": "FEDORA-2015-2109",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html"
            },
            {
              "name": "http://tomcat.apache.org/security-8.html",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-8.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
            },
            {
              "name": "http://tomcat.apache.org/security-6.html",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-6.html"
            },
            {
              "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013",
              "refsource": "CONFIRM",
              "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
            },
            {
              "name": "59873",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59873"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578814",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578814"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
            },
            {
              "name": "1030302",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030302"
            },
            {
              "name": "HPSBOV03503",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=144498216801440\u0026w=2"
            },
            {
              "name": "SSRT101681",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578812",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578812"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1580473",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1580473"
            },
            {
              "name": "DSA-3447",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3447"
            },
            {
              "name": "60729",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60729"
            },
            {
              "name": "60793",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60793"
            },
            {
              "name": "20140527 [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/May/138"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680603",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680603"
            },
            {
              "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-0099",
    "datePublished": "2014-05-31T10:00:00",
    "dateReserved": "2013-12-03T00:00:00",
    "dateUpdated": "2024-08-06T09:05:38.296Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-4827 (GCVE-0-2014-4827)

Vulnerability from cvelistv5

Published

2014-10-19 01:00

Modified

2024-08-06 11:27

Severity ?

CWE

n/a

Summary

Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

References

URL

Tags

	http://www-01.ibm.com/support/docview.wss?uid=swg21686478	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/95577	vdb-entry, x_refsource_XF

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:27:36.767Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
          },
          {
            "name": "ibm-qvm-cve20144827-xss(95577)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95577"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
        },
        {
          "name": "ibm-qvm-cve20144827-xss(95577)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95577"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-4827",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
            },
            {
              "name": "ibm-qvm-cve20144827-xss(95577)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95577"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-4827",
    "datePublished": "2014-10-19T01:00:00",
    "dateReserved": "2014-07-09T00:00:00",
    "dateUpdated": "2024-08-06T11:27:36.767Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-3510 (GCVE-0-2012-3510)

Vulnerability from cvelistv5

Published

2012-10-03 10:00

Modified

2024-08-06 20:05

Severity ?

CWE

n/a

Summary

Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command.

References

URL

Tags

	https://github.com/torvalds/linux/commit/f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9	x_refsource_CONFIRM
	http://secunia.com/advisories/50811	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=849722	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2012-1323.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/55144	vdb-entry, x_refsource_BID
	http://www.openwall.com/lists/oss-security/2012/08/20/12	mailing-list, x_refsource_MLIST
	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9	x_refsource_CONFIRM
	http://www.securitytracker.com/id?1027602	vdb-entry, x_refsource_SECTRACK
	http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:05:12.706Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9"
          },
          {
            "name": "50811",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50811"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=849722"
          },
          {
            "name": "RHSA-2012:1323",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1323.html"
          },
          {
            "name": "55144",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/55144"
          },
          {
            "name": "[oss-security] 20120820 Re: CVE Request -- kernel: taskstats: use-after-free in xacct_add_tsk()",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2012/08/20/12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9"
          },
          {
            "name": "1027602",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027602"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-11-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-01-29T10:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9"
        },
        {
          "name": "50811",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/50811"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=849722"
        },
        {
          "name": "RHSA-2012:1323",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1323.html"
        },
        {
          "name": "55144",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/55144"
        },
        {
          "name": "[oss-security] 20120820 Re: CVE Request -- kernel: taskstats: use-after-free in xacct_add_tsk()",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2012/08/20/12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9"
        },
        {
          "name": "1027602",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027602"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-3510",
    "datePublished": "2012-10-03T10:00:00",
    "dateReserved": "2012-06-14T00:00:00",
    "dateUpdated": "2024-08-06T20:05:12.706Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-1163 (GCVE-0-2010-1163)

Vulnerability from cvelistv5

Published

2010-04-16 19:00

Modified

2024-08-07 01:14

Severity ?

CWE

n/a

Summary

The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426.

References

URL

Tags

	http://www.ubuntu.com/usn/USN-928-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/43068	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2010-0361.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2011/0212	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/39384	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9382	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/39543	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/39399	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/1019	vdb-entry, x_refsource_VUPEN
	http://www.osvdb.org/63878	vdb-entry, x_refsource_OSVDB
	http://www.vupen.com/english/advisories/2010/0956	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/archive/1/510880/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/514489/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:078	vendor-advisory, x_refsource_MANDRIVA
	http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039986.html	vendor-advisory, x_refsource_FEDORA
	http://www.vupen.com/english/advisories/2010/0895	vdb-entry, x_refsource_VUPEN
	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://www.vupen.com/english/advisories/2010/0949	vdb-entry, x_refsource_VUPEN
	http://wiki.rpath.com/Advisories:rPSA-2010-0075	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/510827/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/39468	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2010/0881	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/39474	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/510846/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/57836	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2010/0904	vdb-entry, x_refsource_VUPEN
	http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.577019	vendor-advisory, x_refsource_SLACKWARE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:14:06.554Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-928-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-928-1"
          },
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "RHSA-2010:0361",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0361.html"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "39384",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39384"
          },
          {
            "name": "oval:org.mitre.oval:def:9382",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9382"
          },
          {
            "name": "39543",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39543"
          },
          {
            "name": "39399",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39399"
          },
          {
            "name": "ADV-2010-1019",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1019"
          },
          {
            "name": "63878",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/63878"
          },
          {
            "name": "ADV-2010-0956",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0956"
          },
          {
            "name": "20100422 Re: sudoedit local privilege escalation through PATH manipulation",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/510880/100/0/threaded"
          },
          {
            "name": "20101027 rPSA-2010-0075-1 sudo",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
          },
          {
            "name": "MDVSA-2010:078",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:078"
          },
          {
            "name": "FEDORA-2010-6756",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039986.html"
          },
          {
            "name": "ADV-2010-0895",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0895"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "name": "ADV-2010-0949",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0949"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
          },
          {
            "name": "20100419 sudoedit local privilege escalation through PATH manipulation",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/510827/100/0/threaded"
          },
          {
            "name": "39468",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/39468"
          },
          {
            "name": "ADV-2010-0881",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0881"
          },
          {
            "name": "39474",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39474"
          },
          {
            "name": "20100420 Re: sudoedit local privilege escalation through PATH manipulation",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/510846/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html"
          },
          {
            "name": "sudo-sudoefit-privilege-escalation(57836)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57836"
          },
          {
            "name": "ADV-2010-0904",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0904"
          },
          {
            "name": "SSA:2010-110-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.577019"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-04-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for \".\", which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-928-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-928-1"
        },
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "name": "RHSA-2010:0361",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0361.html"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "name": "39384",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39384"
        },
        {
          "name": "oval:org.mitre.oval:def:9382",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9382"
        },
        {
          "name": "39543",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39543"
        },
        {
          "name": "39399",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39399"
        },
        {
          "name": "ADV-2010-1019",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1019"
        },
        {
          "name": "63878",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/63878"
        },
        {
          "name": "ADV-2010-0956",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0956"
        },
        {
          "name": "20100422 Re: sudoedit local privilege escalation through PATH manipulation",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/510880/100/0/threaded"
        },
        {
          "name": "20101027 rPSA-2010-0075-1 sudo",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
        },
        {
          "name": "MDVSA-2010:078",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:078"
        },
        {
          "name": "FEDORA-2010-6756",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039986.html"
        },
        {
          "name": "ADV-2010-0895",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0895"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "name": "ADV-2010-0949",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0949"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
        },
        {
          "name": "20100419 sudoedit local privilege escalation through PATH manipulation",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/510827/100/0/threaded"
        },
        {
          "name": "39468",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/39468"
        },
        {
          "name": "ADV-2010-0881",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0881"
        },
        {
          "name": "39474",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39474"
        },
        {
          "name": "20100420 Re: sudoedit local privilege escalation through PATH manipulation",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/510846/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html"
        },
        {
          "name": "sudo-sudoefit-privilege-escalation(57836)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57836"
        },
        {
          "name": "ADV-2010-0904",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0904"
        },
        {
          "name": "SSA:2010-110-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.577019"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-1163",
    "datePublished": "2010-04-16T19:00:00",
    "dateReserved": "2010-03-29T00:00:00",
    "dateUpdated": "2024-08-07T01:14:06.554Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-0453 (GCVE-0-2014-0453)

Vulnerability from cvelistv5

Published

2014-04-16 01:00

Modified

2024-08-06 09:13

Severity ?

CWE

n/a

Summary

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.

References

URL

Tags

	http://www-01.ibm.com/support/docview.wss?uid=swg21676373	x_refsource_CONFIRM
	http://secunia.com/advisories/59022	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21680750	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2187-1	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2014-0675.html	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2014:0414	vendor-advisory, x_refsource_REDHAT
	http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/59324	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2191-1	vendor-advisory, x_refsource_UBUNTU
	http://www-01.ibm.com/support/docview.wss?uid=swg21679610	x_refsource_CONFIRM
	http://secunia.com/advisories/59733	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61050	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676672	x_refsource_CONFIRM
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140852886808946&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21672080	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21681047	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21675945	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2014:0413	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=140852886808946&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=140852974709252&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61264	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59194	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60498	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2014-0685.html	vendor-advisory, x_refsource_REDHAT
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21678113	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21677294	x_refsource_CONFIRM
	http://secunia.com/advisories/59436	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59653	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59071	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2014/dsa-2912	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/66914	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/60117	third-party-advisory, x_refsource_SECUNIA
	http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21681256	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21680387	x_refsource_CONFIRM
	http://secunia.com/advisories/60574	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59722	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58415	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59104	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59675	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140852974709252&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59438	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21674539	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21683484	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21673836	x_refsource_CONFIRM
	https://www.ibm.com/support/docview.wss?uid=swg21674530	x_refsource_CONFIRM
	http://www.ibm.com/support/docview.wss?uid=swg21677387	x_refsource_CONFIRM
	http://secunia.com/advisories/59023	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59307	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21679713	x_refsource_CONFIRM
	http://www.ibm.com/support/docview.wss?uid=swg21675343	x_refsource_CONFIRM
	http://secunia.com/advisories/59082	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676703	x_refsource_CONFIRM
	http://secunia.com/advisories/59250	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60580	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-201502-12.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/59255	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21681018	x_refsource_CONFIRM
	http://secunia.com/advisories/60111	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60003	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676190	x_refsource_CONFIRM
	http://www.ibm.com/support/docview.wss?uid=swg21675588	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:13:10.631Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
          },
          {
            "name": "59022",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59022"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750"
          },
          {
            "name": "USN-2187-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2187-1"
          },
          {
            "name": "RHSA-2014:0675",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
          },
          {
            "name": "RHSA-2014:0414",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2014:0414"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "59324",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59324"
          },
          {
            "name": "USN-2191-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2191-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610"
          },
          {
            "name": "59733",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59733"
          },
          {
            "name": "61050",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61050"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
          },
          {
            "name": "HPSBUX03091",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681047"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675945"
          },
          {
            "name": "RHSA-2014:0413",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2014:0413"
          },
          {
            "name": "SSRT101667",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
          },
          {
            "name": "HPSBUX03092",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
          },
          {
            "name": "61264",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61264"
          },
          {
            "name": "59194",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59194"
          },
          {
            "name": "60498",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60498"
          },
          {
            "name": "RHSA-2014:0685",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678113"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
          },
          {
            "name": "59436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59436"
          },
          {
            "name": "59653",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59653"
          },
          {
            "name": "59071",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59071"
          },
          {
            "name": "DSA-2912",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2912"
          },
          {
            "name": "66914",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/66914"
          },
          {
            "name": "60117",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60117"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
          },
          {
            "name": "60574",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60574"
          },
          {
            "name": "59722",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59722"
          },
          {
            "name": "58415",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58415"
          },
          {
            "name": "59104",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59104"
          },
          {
            "name": "59675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59675"
          },
          {
            "name": "SSRT101668",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
          },
          {
            "name": "59438",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59438"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/docview.wss?uid=swg21674530"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
          },
          {
            "name": "59023",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59023"
          },
          {
            "name": "59307",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59307"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
          },
          {
            "name": "59082",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59082"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703"
          },
          {
            "name": "59250",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59250"
          },
          {
            "name": "60580",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60580"
          },
          {
            "name": "GLSA-201502-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
          },
          {
            "name": "59255",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59255"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
          },
          {
            "name": "60111",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60111"
          },
          {
            "name": "60003",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60003"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-04-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
        },
        {
          "name": "59022",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59022"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750"
        },
        {
          "name": "USN-2187-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2187-1"
        },
        {
          "name": "RHSA-2014:0675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
        },
        {
          "name": "RHSA-2014:0414",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2014:0414"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "59324",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59324"
        },
        {
          "name": "USN-2191-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2191-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610"
        },
        {
          "name": "59733",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59733"
        },
        {
          "name": "61050",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61050"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
        },
        {
          "name": "HPSBUX03091",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681047"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675945"
        },
        {
          "name": "RHSA-2014:0413",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2014:0413"
        },
        {
          "name": "SSRT101667",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
        },
        {
          "name": "HPSBUX03092",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
        },
        {
          "name": "61264",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61264"
        },
        {
          "name": "59194",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59194"
        },
        {
          "name": "60498",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60498"
        },
        {
          "name": "RHSA-2014:0685",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678113"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
        },
        {
          "name": "59436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59436"
        },
        {
          "name": "59653",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59653"
        },
        {
          "name": "59071",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59071"
        },
        {
          "name": "DSA-2912",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2912"
        },
        {
          "name": "66914",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/66914"
        },
        {
          "name": "60117",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60117"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
        },
        {
          "name": "60574",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60574"
        },
        {
          "name": "59722",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59722"
        },
        {
          "name": "58415",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58415"
        },
        {
          "name": "59104",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59104"
        },
        {
          "name": "59675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59675"
        },
        {
          "name": "SSRT101668",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
        },
        {
          "name": "59438",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59438"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.ibm.com/support/docview.wss?uid=swg21674530"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
        },
        {
          "name": "59023",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59023"
        },
        {
          "name": "59307",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59307"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
        },
        {
          "name": "59082",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59082"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703"
        },
        {
          "name": "59250",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59250"
        },
        {
          "name": "60580",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60580"
        },
        {
          "name": "GLSA-201502-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
        },
        {
          "name": "59255",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59255"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
        },
        {
          "name": "60111",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60111"
        },
        {
          "name": "60003",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60003"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2014-0453",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
            },
            {
              "name": "59022",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59022"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750"
            },
            {
              "name": "USN-2187-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2187-1"
            },
            {
              "name": "RHSA-2014:0675",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
            },
            {
              "name": "RHSA-2014:0414",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2014:0414"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "59324",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59324"
            },
            {
              "name": "USN-2191-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2191-1"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610"
            },
            {
              "name": "59733",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59733"
            },
            {
              "name": "61050",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61050"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
            },
            {
              "name": "HPSBUX03091",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681047",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681047"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21675945",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675945"
            },
            {
              "name": "RHSA-2014:0413",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2014:0413"
            },
            {
              "name": "SSRT101667",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
            },
            {
              "name": "HPSBUX03092",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
            },
            {
              "name": "61264",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61264"
            },
            {
              "name": "59194",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59194"
            },
            {
              "name": "60498",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60498"
            },
            {
              "name": "RHSA-2014:0685",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678113",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678113"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
            },
            {
              "name": "59436",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59436"
            },
            {
              "name": "59653",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59653"
            },
            {
              "name": "59071",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59071"
            },
            {
              "name": "DSA-2912",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-2912"
            },
            {
              "name": "66914",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/66914"
            },
            {
              "name": "60117",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60117"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
            },
            {
              "name": "60574",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60574"
            },
            {
              "name": "59722",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59722"
            },
            {
              "name": "58415",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58415"
            },
            {
              "name": "59104",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59104"
            },
            {
              "name": "59675",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59675"
            },
            {
              "name": "SSRT101668",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
            },
            {
              "name": "59438",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59438"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
            },
            {
              "name": "https://www.ibm.com/support/docview.wss?uid=swg21674530",
              "refsource": "CONFIRM",
              "url": "https://www.ibm.com/support/docview.wss?uid=swg21674530"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21677387",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
            },
            {
              "name": "59023",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59023"
            },
            {
              "name": "59307",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59307"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21675343",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
            },
            {
              "name": "59082",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59082"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703"
            },
            {
              "name": "59250",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59250"
            },
            {
              "name": "60580",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60580"
            },
            {
              "name": "GLSA-201502-12",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
            },
            {
              "name": "59255",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59255"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
            },
            {
              "name": "60111",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60111"
            },
            {
              "name": "60003",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60003"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21675588",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2014-0453",
    "datePublished": "2014-04-16T01:00:00",
    "dateReserved": "2013-12-12T00:00:00",
    "dateUpdated": "2024-08-06T09:13:10.631Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-1089 (GCVE-0-2011-1089)

Vulnerability from cvelistv5

Published

2011-04-10 01:29

Modified

2024-08-06 22:14

Severity ?

CWE

n/a

Summary

The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296.

References

URL

Tags

	http://openwall.com/lists/oss-security/2011/03/14/5	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/04/9	mailing-list, x_refsource_MLIST
	http://sourceware.org/bugzilla/show_bug.cgi?id=12625	x_refsource_MISC
	http://openwall.com/lists/oss-security/2011/03/22/6	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/bid/46740	vdb-entry, x_refsource_BID
	http://openwall.com/lists/oss-security/2011/03/22/4	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/05/7	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=688980	x_refsource_MISC
	http://openwall.com/lists/oss-security/2011/03/07/9	mailing-list, x_refsource_MLIST
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:178	vendor-advisory, x_refsource_MANDRIVA
	http://openwall.com/lists/oss-security/2011/04/01/2	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/04/10	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/14/16	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/31/4	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/04/12	mailing-list, x_refsource_MLIST
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:179	vendor-advisory, x_refsource_MANDRIVA
	http://openwall.com/lists/oss-security/2011/03/14/7	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/04/11	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/05/3	mailing-list, x_refsource_MLIST
	http://www.redhat.com/support/errata/RHSA-2011-1526.html	vendor-advisory, x_refsource_REDHAT
	http://openwall.com/lists/oss-security/2011/03/31/3	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/15/6	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:14:27.618Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/14/5"
          },
          {
            "name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/04/9"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12625"
          },
          {
            "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/22/6"
          },
          {
            "name": "46740",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46740"
          },
          {
            "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/22/4"
          },
          {
            "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/05/7"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
          },
          {
            "name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/07/9"
          },
          {
            "name": "MDVSA-2011:178",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
          },
          {
            "name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/04/01/2"
          },
          {
            "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/04/10"
          },
          {
            "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/14/16"
          },
          {
            "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/31/4"
          },
          {
            "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/04/12"
          },
          {
            "name": "MDVSA-2011:179",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:179"
          },
          {
            "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/14/7"
          },
          {
            "name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/04/11"
          },
          {
            "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/05/3"
          },
          {
            "name": "RHSA-2011:1526",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1526.html"
          },
          {
            "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/31/3"
          },
          {
            "name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/15/6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-01-19T10:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/14/5"
        },
        {
          "name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/04/9"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12625"
        },
        {
          "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/22/6"
        },
        {
          "name": "46740",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46740"
        },
        {
          "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/22/4"
        },
        {
          "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/05/7"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
        },
        {
          "name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/07/9"
        },
        {
          "name": "MDVSA-2011:178",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
        },
        {
          "name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/04/01/2"
        },
        {
          "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/04/10"
        },
        {
          "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/14/16"
        },
        {
          "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/31/4"
        },
        {
          "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/04/12"
        },
        {
          "name": "MDVSA-2011:179",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:179"
        },
        {
          "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/14/7"
        },
        {
          "name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/04/11"
        },
        {
          "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/05/3"
        },
        {
          "name": "RHSA-2011:1526",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-1526.html"
        },
        {
          "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/31/3"
        },
        {
          "name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/15/6"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-1089",
    "datePublished": "2011-04-10T01:29:00",
    "dateReserved": "2011-02-24T00:00:00",
    "dateUpdated": "2024-08-06T22:14:27.618Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-1646 (GCVE-0-2010-1646)

Vulnerability from cvelistv5

Published

2010-06-07 14:00

Modified

2024-08-07 01:28

Severity ?

CWE

n/a

Summary

The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.

References

URL

Tags

	http://www.osvdb.org/65083	vdb-entry, x_refsource_OSVDB
	http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/43068	third-party-advisory, x_refsource_SECUNIA
	http://www.sudo.ws/sudo/alerts/secure_path.html	x_refsource_CONFIRM
	http://www.sudo.ws/repos/sudo/rev/3057fde43cf0	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10580	vdb-entry, signature, x_refsource_OVAL
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:118	vendor-advisory, x_refsource_MANDRIVA
	http://www.vupen.com/english/advisories/2011/0212	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/40188	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/40002	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/40215	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/514489/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.securitytracker.com/id?1024101	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/40538	vdb-entry, x_refsource_BID
	http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html	vendor-advisory, x_refsource_FEDORA
	http://www.sudo.ws/repos/sudo/rev/a09c6812eaec	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2010/dsa-2062	vendor-advisory, x_refsource_DEBIAN
	http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html	vendor-advisory, x_refsource_FEDORA
	http://wiki.rpath.com/Advisories:rPSA-2010-0075	x_refsource_CONFIRM
	http://security.gentoo.org/glsa/glsa-201009-03.xml	vendor-advisory, x_refsource_GENTOO
	http://www.vupen.com/english/advisories/2010/1478	vdb-entry, x_refsource_VUPEN
	http://www.redhat.com/support/errata/RHSA-2010-0475.html	vendor-advisory, x_refsource_REDHAT
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7338	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/40508	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/1518	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2010/1519	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2010/1452	vdb-entry, x_refsource_VUPEN
	https://bugzilla.redhat.com/show_bug.cgi?id=598154	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:28:41.583Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "65083",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/65083"
          },
          {
            "name": "FEDORA-2010-9417",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html"
          },
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/sudo/alerts/secure_path.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/repos/sudo/rev/3057fde43cf0"
          },
          {
            "name": "oval:org.mitre.oval:def:10580",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10580"
          },
          {
            "name": "MDVSA-2010:118",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:118"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "40188",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40188"
          },
          {
            "name": "40002",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40002"
          },
          {
            "name": "40215",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40215"
          },
          {
            "name": "20101027 rPSA-2010-0075-1 sudo",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
          },
          {
            "name": "1024101",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024101"
          },
          {
            "name": "40538",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/40538"
          },
          {
            "name": "FEDORA-2010-9415",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/repos/sudo/rev/a09c6812eaec"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "name": "DSA-2062",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2062"
          },
          {
            "name": "FEDORA-2010-9402",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
          },
          {
            "name": "GLSA-201009-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201009-03.xml"
          },
          {
            "name": "ADV-2010-1478",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1478"
          },
          {
            "name": "RHSA-2010:0475",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0475.html"
          },
          {
            "name": "oval:org.mitre.oval:def:7338",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7338"
          },
          {
            "name": "40508",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40508"
          },
          {
            "name": "ADV-2010-1518",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1518"
          },
          {
            "name": "ADV-2010-1519",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1519"
          },
          {
            "name": "ADV-2010-1452",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1452"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=598154"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-06-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "65083",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/65083"
        },
        {
          "name": "FEDORA-2010-9417",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html"
        },
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/sudo/alerts/secure_path.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/repos/sudo/rev/3057fde43cf0"
        },
        {
          "name": "oval:org.mitre.oval:def:10580",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10580"
        },
        {
          "name": "MDVSA-2010:118",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:118"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "name": "40188",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40188"
        },
        {
          "name": "40002",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40002"
        },
        {
          "name": "40215",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40215"
        },
        {
          "name": "20101027 rPSA-2010-0075-1 sudo",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
        },
        {
          "name": "1024101",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024101"
        },
        {
          "name": "40538",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/40538"
        },
        {
          "name": "FEDORA-2010-9415",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/repos/sudo/rev/a09c6812eaec"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "name": "DSA-2062",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2062"
        },
        {
          "name": "FEDORA-2010-9402",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
        },
        {
          "name": "GLSA-201009-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201009-03.xml"
        },
        {
          "name": "ADV-2010-1478",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1478"
        },
        {
          "name": "RHSA-2010:0475",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0475.html"
        },
        {
          "name": "oval:org.mitre.oval:def:7338",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7338"
        },
        {
          "name": "40508",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40508"
        },
        {
          "name": "ADV-2010-1518",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1518"
        },
        {
          "name": "ADV-2010-1519",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1519"
        },
        {
          "name": "ADV-2010-1452",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1452"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=598154"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-1646",
    "datePublished": "2010-06-07T14:00:00",
    "dateReserved": "2010-04-29T00:00:00",
    "dateUpdated": "2024-08-07T01:28:41.583Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-5000 (GCVE-0-2011-5000)

Vulnerability from cvelistv5

Published

2012-04-04 10:00

Modified

2024-08-07 00:23

Severity ?

CWE

n/a

Summary

The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

References

URL

Tags

	http://seclists.org/fulldisclosure/2011/Aug/2	mailing-list, x_refsource_FULLDISC
	http://rhn.redhat.com/errata/RHSA-2012-0884.html	vendor-advisory, x_refsource_REDHAT
	http://site.pi3.com.pl/adv/ssh_1.txt	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:23:39.092Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20110801 Useless OpenSSH resources exhausion bug via GSSAPI",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2011/Aug/2"
          },
          {
            "name": "RHSA-2012:0884",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0884.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://site.pi3.com.pl/adv/ssh_1.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field.  NOTE: there may be limited scenarios in which this issue is relevant."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-07-23T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20110801 Useless OpenSSH resources exhausion bug via GSSAPI",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2011/Aug/2"
        },
        {
          "name": "RHSA-2012:0884",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0884.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://site.pi3.com.pl/adv/ssh_1.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-5000",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field.  NOTE: there may be limited scenarios in which this issue is relevant."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20110801 Useless OpenSSH resources exhausion bug via GSSAPI",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2011/Aug/2"
            },
            {
              "name": "RHSA-2012:0884",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0884.html"
            },
            {
              "name": "http://site.pi3.com.pl/adv/ssh_1.txt",
              "refsource": "MISC",
              "url": "http://site.pi3.com.pl/adv/ssh_1.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-5000",
    "datePublished": "2012-04-04T10:00:00",
    "dateReserved": "2011-12-24T00:00:00",
    "dateUpdated": "2024-08-07T00:23:39.092Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-3470 (GCVE-0-2014-3470)

Vulnerability from cvelistv5

Published

2014-06-05 21:00

Modified

2024-08-06 10:43

Severity ?

CWE

n/a

Summary

The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.

References

URL

Tags

	http://secunia.com/advisories/59342	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59669	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59525	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21675626	x_refsource_CONFIRM
	http://secunia.com/advisories/59282	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/support/kb/doc.php?id=7015300	x_refsource_CONFIRM
	http://secunia.com/advisories/59990	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59264	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59126	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/support/kb/doc.php?id=7015264	x_refsource_CONFIRM
	http://secunia.com/advisories/59306	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21678289	x_refsource_CONFIRM
	http://secunia.com/advisories/59445	third-party-advisory, x_refsource_SECUNIA
	http://www.vmware.com/security/advisories/VMSA-2014-0012.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140266410314613&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59340	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61254	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676655	x_refsource_CONFIRM
	http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E	x_refsource_CONFIRM
	http://secunia.com/advisories/59223	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59895	third-party-advisory, x_refsource_SECUNIA
	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=8011cd56e39a433b1837465259a9bd24a38727fb	x_refsource_CONFIRM
	http://secunia.com/advisories/59449	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=isg400001843	x_refsource_CONFIRM
	http://secunia.com/advisories/59442	third-party-advisory, x_refsource_SECUNIA
	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140317760000786&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21676879	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg24037761	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21677828	x_refsource_CONFIRM
	http://secunia.com/advisories/59441	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140621259019789&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59189	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2014:106	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/58742	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59300	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58667	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-201407-05.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/59191	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59284	third-party-advisory, x_refsource_SECUNIA
	http://www.ibm.com/support/docview.wss?uid=swg24037783	x_refsource_CONFIRM
	http://secunia.com/advisories/59365	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21677695	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21676529	x_refsource_CONFIRM
	http://secunia.com/advisories/59483	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/534161/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/59495	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21676889	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/58945	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=isg400001841	x_refsource_CONFIRM
	http://secunia.com/advisories/59659	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59440	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	x_refsource_CONFIRM
	http://secunia.com/advisories/59655	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58716	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676071	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21677836	x_refsource_CONFIRM
	http://secunia.com/advisories/59437	third-party-advisory, x_refsource_SECUNIA
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754	x_refsource_CONFIRM
	http://www.vmware.com/security/advisories/VMSA-2014-0006.html	x_refsource_CONFIRM
	http://secunia.com/advisories/59310	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676501	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	x_refsource_CONFIRM
	http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc	x_refsource_CONFIRM
	http://www.splunk.com/view/SP-CAAAM2D	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://www.ibm.com/support/docview.wss?uid=swg21676793	x_refsource_CONFIRM
	http://www.ibm.com/support/docview.wss?uid=swg21676356	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140389274407904&w=2	vendor-advisory, x_refsource_HP
	http://support.citrix.com/article/CTX140876	x_refsource_CONFIRM
	http://secunia.com/advisories/59167	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59120	third-party-advisory, x_refsource_SECUNIA
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140499827729550&w=2	vendor-advisory, x_refsource_HP
	http://www.mandriva.com/security/advisories?name=MDVSA-2014:105	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/59460	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58939	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140266410314613&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59514	third-party-advisory, x_refsource_SECUNIA
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl	vendor-advisory, x_refsource_CISCO
	http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195	x_refsource_CONFIRM
	https://kc.mcafee.com/corporate/index?page=content&id=SB10075	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21676419	x_refsource_CONFIRM
	http://secunia.com/advisories/59438	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676496	x_refsource_CONFIRM
	http://secunia.com/advisories/58714	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140482916501310&w=2	vendor-advisory, x_refsource_HP
	http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15342.html	x_refsource_CONFIRM
	http://www.openssl.org/news/secadv_20140605.txt	x_refsource_CONFIRM
	http://secunia.com/advisories/58615	third-party-advisory, x_refsource_SECUNIA
	http://seclists.org/fulldisclosure/2014/Dec/23	mailing-list, x_refsource_FULLDISC
	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html	vendor-advisory, x_refsource_SUSE
	http://support.apple.com/kb/HT6443	x_refsource_CONFIRM
	http://secunia.com/advisories/59301	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59784	third-party-advisory, x_refsource_SECUNIA
	https://kb.bluecoat.com/index?page=content&id=SA80	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140904544427729&w=2	vendor-advisory, x_refsource_HP
	http://www.f-secure.com/en/web/labs_global/fsc-2014-6	x_refsource_CONFIRM
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21678167	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/67898	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/59192	third-party-advisory, x_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html	vendor-advisory, x_refsource_FEDORA
	http://marc.info/?l=bugtraq&m=140752315422991&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/58579	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140389355508263&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59175	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140448122410568&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59666	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140431828824371&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59413	third-party-advisory, x_refsource_SECUNIA
	http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21675821	x_refsource_CONFIRM
	http://secunia.com/advisories/59721	third-party-advisory, x_refsource_SECUNIA
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21676062	x_refsource_CONFIRM
	http://secunia.com/advisories/58713	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21673137	x_refsource_CONFIRM
	http://secunia.com/advisories/59362	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:062	vendor-advisory, x_refsource_MANDRIVA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676035	x_refsource_CONFIRM
	http://secunia.com/advisories/59450	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59287	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21683332	x_refsource_CONFIRM
	http://secunia.com/advisories/59491	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59364	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59451	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58977	third-party-advisory, x_refsource_SECUNIA
	https://www.novell.com/support/kb/doc.php?id=7015271	x_refsource_CONFIRM
	http://secunia.com/advisories/60571	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59459	third-party-advisory, x_refsource_SECUNIA
	http://www.blackberry.com/btsc/KB36051	x_refsource_CONFIRM
	http://secunia.com/advisories/59431	third-party-advisory, x_refsource_SECUNIA
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755	x_refsource_CONFIRM
	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21677527	x_refsource_CONFIRM
	http://secunia.com/advisories/58337	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59518	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59162	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=1103600	x_refsource_CONFIRM
	http://secunia.com/advisories/59490	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59916	third-party-advisory, x_refsource_SECUNIA
	http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140491231331543&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/58797	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676615	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:43:06.356Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "59342",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59342"
          },
          {
            "name": "59669",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59669"
          },
          {
            "name": "59525",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59525"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675626"
          },
          {
            "name": "59282",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59282"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015300"
          },
          {
            "name": "59990",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59990"
          },
          {
            "name": "59264",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59264"
          },
          {
            "name": "59126",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59126"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015264"
          },
          {
            "name": "59306",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59306"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
          },
          {
            "name": "59445",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59445"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
          },
          {
            "name": "HPSBUX03046",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
          },
          {
            "name": "59340",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59340"
          },
          {
            "name": "61254",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61254"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6061\u0026myns=phmc\u0026mync=E"
          },
          {
            "name": "59223",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59223"
          },
          {
            "name": "59895",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59895"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=8011cd56e39a433b1837465259a9bd24a38727fb"
          },
          {
            "name": "59449",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59449"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
          },
          {
            "name": "59442",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59442"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
          },
          {
            "name": "HPSBOV03047",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037761"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
          },
          {
            "name": "59441",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59441"
          },
          {
            "name": "HPSBMU03074",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
          },
          {
            "name": "59189",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59189"
          },
          {
            "name": "MDVSA-2014:106",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106"
          },
          {
            "name": "58742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58742"
          },
          {
            "name": "59300",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59300"
          },
          {
            "name": "58667",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58667"
          },
          {
            "name": "GLSA-201407-05",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
          },
          {
            "name": "59191",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59191"
          },
          {
            "name": "59284",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59284"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
          },
          {
            "name": "59365",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59365"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
          },
          {
            "name": "59483",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59483"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
          },
          {
            "name": "59495",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59495"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
          },
          {
            "name": "FEDORA-2014-9308",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html"
          },
          {
            "name": "58945",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58945"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
          },
          {
            "name": "59659",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59659"
          },
          {
            "name": "59440",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59440"
          },
          {
            "name": "openSUSE-SU-2016:0640",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
          },
          {
            "name": "59655",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59655"
          },
          {
            "name": "58716",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58716"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
          },
          {
            "name": "59437",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59437"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0006.html"
          },
          {
            "name": "59310",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59310"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.splunk.com/view/SP-CAAAM2D"
          },
          {
            "name": "SUSE-SU-2015:0743",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
          },
          {
            "name": "HPSBMU03057",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.citrix.com/article/CTX140876"
          },
          {
            "name": "59167",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59167"
          },
          {
            "name": "59120",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59120"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757"
          },
          {
            "name": "HPSBMU03069",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140499827729550\u0026w=2"
          },
          {
            "name": "MDVSA-2014:105",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105"
          },
          {
            "name": "59460",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59460"
          },
          {
            "name": "58939",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58939"
          },
          {
            "name": "SSRT101590",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
          },
          {
            "name": "59514",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59514"
          },
          {
            "name": "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29195"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
          },
          {
            "name": "59438",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59438"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676496"
          },
          {
            "name": "58714",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58714"
          },
          {
            "name": "HPSBGN03050",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15342.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openssl.org/news/secadv_20140605.txt"
          },
          {
            "name": "58615",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58615"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
          },
          {
            "name": "SUSE-SU-2015:0578",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6443"
          },
          {
            "name": "59301",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59301"
          },
          {
            "name": "59784",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59784"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA80"
          },
          {
            "name": "HPSBMU03076",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
          },
          {
            "name": "67898",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/67898"
          },
          {
            "name": "59192",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59192"
          },
          {
            "name": "FEDORA-2014-9301",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html"
          },
          {
            "name": "HPSBMU03062",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
          },
          {
            "name": "58579",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58579"
          },
          {
            "name": "HPSBMU03056",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
          },
          {
            "name": "59175",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59175"
          },
          {
            "name": "HPSBMU03051",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
          },
          {
            "name": "59666",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59666"
          },
          {
            "name": "HPSBMU03055",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
          },
          {
            "name": "59413",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59413"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
          },
          {
            "name": "59721",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59721"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
          },
          {
            "name": "58713",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58713"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
          },
          {
            "name": "59362",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59362"
          },
          {
            "name": "MDVSA-2015:062",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
          },
          {
            "name": "59450",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59450"
          },
          {
            "name": "59287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59287"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
          },
          {
            "name": "59491",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59491"
          },
          {
            "name": "59364",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59364"
          },
          {
            "name": "59451",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59451"
          },
          {
            "name": "58977",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58977"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.novell.com/support/kb/doc.php?id=7015271"
          },
          {
            "name": "60571",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60571"
          },
          {
            "name": "59459",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59459"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.blackberry.com/btsc/KB36051"
          },
          {
            "name": "59431",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59431"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
          },
          {
            "name": "58337",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58337"
          },
          {
            "name": "59518",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59518"
          },
          {
            "name": "59162",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59162"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103600"
          },
          {
            "name": "59490",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59490"
          },
          {
            "name": "59916",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59916"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6060\u0026myns=phmc\u0026mync=E"
          },
          {
            "name": "HPSBMU03065",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
          },
          {
            "name": "58797",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58797"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676615"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-06-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-10T14:06:38",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "59342",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59342"
        },
        {
          "name": "59669",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59669"
        },
        {
          "name": "59525",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59525"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675626"
        },
        {
          "name": "59282",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59282"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015300"
        },
        {
          "name": "59990",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59990"
        },
        {
          "name": "59264",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59264"
        },
        {
          "name": "59126",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59126"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015264"
        },
        {
          "name": "59306",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59306"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
        },
        {
          "name": "59445",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59445"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
        },
        {
          "name": "HPSBUX03046",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
        },
        {
          "name": "59340",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59340"
        },
        {
          "name": "61254",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61254"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6061\u0026myns=phmc\u0026mync=E"
        },
        {
          "name": "59223",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59223"
        },
        {
          "name": "59895",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59895"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=8011cd56e39a433b1837465259a9bd24a38727fb"
        },
        {
          "name": "59449",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59449"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
        },
        {
          "name": "59442",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59442"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
        },
        {
          "name": "HPSBOV03047",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037761"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
        },
        {
          "name": "59441",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59441"
        },
        {
          "name": "HPSBMU03074",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
        },
        {
          "name": "59189",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59189"
        },
        {
          "name": "MDVSA-2014:106",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106"
        },
        {
          "name": "58742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58742"
        },
        {
          "name": "59300",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59300"
        },
        {
          "name": "58667",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58667"
        },
        {
          "name": "GLSA-201407-05",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
        },
        {
          "name": "59191",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59191"
        },
        {
          "name": "59284",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59284"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
        },
        {
          "name": "59365",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59365"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
        },
        {
          "name": "59483",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59483"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
        },
        {
          "name": "59495",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59495"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
        },
        {
          "name": "FEDORA-2014-9308",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html"
        },
        {
          "name": "58945",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58945"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
        },
        {
          "name": "59659",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59659"
        },
        {
          "name": "59440",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59440"
        },
        {
          "name": "openSUSE-SU-2016:0640",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
        },
        {
          "name": "59655",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59655"
        },
        {
          "name": "58716",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58716"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
        },
        {
          "name": "59437",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59437"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0006.html"
        },
        {
          "name": "59310",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59310"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.splunk.com/view/SP-CAAAM2D"
        },
        {
          "name": "SUSE-SU-2015:0743",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
        },
        {
          "name": "HPSBMU03057",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.citrix.com/article/CTX140876"
        },
        {
          "name": "59167",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59167"
        },
        {
          "name": "59120",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59120"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757"
        },
        {
          "name": "HPSBMU03069",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140499827729550\u0026w=2"
        },
        {
          "name": "MDVSA-2014:105",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105"
        },
        {
          "name": "59460",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59460"
        },
        {
          "name": "58939",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58939"
        },
        {
          "name": "SSRT101590",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
        },
        {
          "name": "59514",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59514"
        },
        {
          "name": "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29195"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
        },
        {
          "name": "59438",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59438"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676496"
        },
        {
          "name": "58714",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58714"
        },
        {
          "name": "HPSBGN03050",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15342.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openssl.org/news/secadv_20140605.txt"
        },
        {
          "name": "58615",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58615"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
        },
        {
          "name": "SUSE-SU-2015:0578",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6443"
        },
        {
          "name": "59301",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59301"
        },
        {
          "name": "59784",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59784"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA80"
        },
        {
          "name": "HPSBMU03076",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
        },
        {
          "name": "67898",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/67898"
        },
        {
          "name": "59192",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59192"
        },
        {
          "name": "FEDORA-2014-9301",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html"
        },
        {
          "name": "HPSBMU03062",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
        },
        {
          "name": "58579",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58579"
        },
        {
          "name": "HPSBMU03056",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
        },
        {
          "name": "59175",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59175"
        },
        {
          "name": "HPSBMU03051",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
        },
        {
          "name": "59666",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59666"
        },
        {
          "name": "HPSBMU03055",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
        },
        {
          "name": "59413",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59413"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
        },
        {
          "name": "59721",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59721"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
        },
        {
          "name": "58713",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58713"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
        },
        {
          "name": "59362",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59362"
        },
        {
          "name": "MDVSA-2015:062",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
        },
        {
          "name": "59450",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59450"
        },
        {
          "name": "59287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59287"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
        },
        {
          "name": "59491",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59491"
        },
        {
          "name": "59364",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59364"
        },
        {
          "name": "59451",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59451"
        },
        {
          "name": "58977",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58977"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.novell.com/support/kb/doc.php?id=7015271"
        },
        {
          "name": "60571",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60571"
        },
        {
          "name": "59459",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59459"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.blackberry.com/btsc/KB36051"
        },
        {
          "name": "59431",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59431"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
        },
        {
          "name": "58337",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58337"
        },
        {
          "name": "59518",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59518"
        },
        {
          "name": "59162",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59162"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103600"
        },
        {
          "name": "59490",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59490"
        },
        {
          "name": "59916",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59916"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6060\u0026myns=phmc\u0026mync=E"
        },
        {
          "name": "HPSBMU03065",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
        },
        {
          "name": "58797",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58797"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676615"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2014-3470",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "59342",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59342"
            },
            {
              "name": "59669",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59669"
            },
            {
              "name": "59525",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59525"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21675626",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675626"
            },
            {
              "name": "59282",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59282"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015300",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015300"
            },
            {
              "name": "59990",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59990"
            },
            {
              "name": "59264",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59264"
            },
            {
              "name": "59126",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59126"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015264",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015264"
            },
            {
              "name": "59306",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59306"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
            },
            {
              "name": "59445",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59445"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
            },
            {
              "name": "HPSBUX03046",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
            },
            {
              "name": "59340",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59340"
            },
            {
              "name": "61254",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61254"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
            },
            {
              "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6061\u0026myns=phmc\u0026mync=E",
              "refsource": "CONFIRM",
              "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6061\u0026myns=phmc\u0026mync=E"
            },
            {
              "name": "59223",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59223"
            },
            {
              "name": "59895",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59895"
            },
            {
              "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=8011cd56e39a433b1837465259a9bd24a38727fb",
              "refsource": "CONFIRM",
              "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=8011cd56e39a433b1837465259a9bd24a38727fb"
            },
            {
              "name": "59449",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59449"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
            },
            {
              "name": "59442",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59442"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
            },
            {
              "name": "HPSBOV03047",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24037761",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037761"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
            },
            {
              "name": "59441",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59441"
            },
            {
              "name": "HPSBMU03074",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
            },
            {
              "name": "59189",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59189"
            },
            {
              "name": "MDVSA-2014:106",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106"
            },
            {
              "name": "58742",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58742"
            },
            {
              "name": "59300",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59300"
            },
            {
              "name": "58667",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58667"
            },
            {
              "name": "GLSA-201407-05",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
            },
            {
              "name": "59191",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59191"
            },
            {
              "name": "59284",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59284"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg24037783",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
            },
            {
              "name": "59365",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59365"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
            },
            {
              "name": "59483",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59483"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
            },
            {
              "name": "59495",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59495"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
            },
            {
              "name": "FEDORA-2014-9308",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html"
            },
            {
              "name": "58945",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58945"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
            },
            {
              "name": "59659",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59659"
            },
            {
              "name": "59440",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59440"
            },
            {
              "name": "openSUSE-SU-2016:0640",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
            },
            {
              "name": "59655",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59655"
            },
            {
              "name": "58716",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58716"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
            },
            {
              "name": "59437",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59437"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0006.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0006.html"
            },
            {
              "name": "59310",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59310"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
            },
            {
              "name": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc",
              "refsource": "CONFIRM",
              "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
            },
            {
              "name": "http://www.splunk.com/view/SP-CAAAM2D",
              "refsource": "CONFIRM",
              "url": "http://www.splunk.com/view/SP-CAAAM2D"
            },
            {
              "name": "SUSE-SU-2015:0743",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21676793",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21676356",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
            },
            {
              "name": "HPSBMU03057",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
            },
            {
              "name": "http://support.citrix.com/article/CTX140876",
              "refsource": "CONFIRM",
              "url": "http://support.citrix.com/article/CTX140876"
            },
            {
              "name": "59167",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59167"
            },
            {
              "name": "59120",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59120"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757"
            },
            {
              "name": "HPSBMU03069",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140499827729550\u0026w=2"
            },
            {
              "name": "MDVSA-2014:105",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105"
            },
            {
              "name": "59460",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59460"
            },
            {
              "name": "58939",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58939"
            },
            {
              "name": "SSRT101590",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
            },
            {
              "name": "59514",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59514"
            },
            {
              "name": "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29195",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29195"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
            },
            {
              "name": "59438",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59438"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676496",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676496"
            },
            {
              "name": "58714",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58714"
            },
            {
              "name": "HPSBGN03050",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
            },
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15342.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15342.html"
            },
            {
              "name": "http://www.openssl.org/news/secadv_20140605.txt",
              "refsource": "CONFIRM",
              "url": "http://www.openssl.org/news/secadv_20140605.txt"
            },
            {
              "name": "58615",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58615"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
            },
            {
              "name": "SUSE-SU-2015:0578",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
            },
            {
              "name": "http://support.apple.com/kb/HT6443",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6443"
            },
            {
              "name": "59301",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59301"
            },
            {
              "name": "59784",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59784"
            },
            {
              "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA80",
              "refsource": "CONFIRM",
              "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA80"
            },
            {
              "name": "HPSBMU03076",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
            },
            {
              "name": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6",
              "refsource": "CONFIRM",
              "url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
            },
            {
              "name": "67898",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/67898"
            },
            {
              "name": "59192",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59192"
            },
            {
              "name": "FEDORA-2014-9301",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html"
            },
            {
              "name": "HPSBMU03062",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
            },
            {
              "name": "58579",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58579"
            },
            {
              "name": "HPSBMU03056",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
            },
            {
              "name": "59175",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59175"
            },
            {
              "name": "HPSBMU03051",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
            },
            {
              "name": "59666",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59666"
            },
            {
              "name": "HPSBMU03055",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
            },
            {
              "name": "59413",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59413"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
            },
            {
              "name": "59721",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59721"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
            },
            {
              "name": "58713",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58713"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
            },
            {
              "name": "59362",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59362"
            },
            {
              "name": "MDVSA-2015:062",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
            },
            {
              "name": "59450",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59450"
            },
            {
              "name": "59287",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59287"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
            },
            {
              "name": "59491",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59491"
            },
            {
              "name": "59364",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59364"
            },
            {
              "name": "59451",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59451"
            },
            {
              "name": "58977",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58977"
            },
            {
              "name": "https://www.novell.com/support/kb/doc.php?id=7015271",
              "refsource": "CONFIRM",
              "url": "https://www.novell.com/support/kb/doc.php?id=7015271"
            },
            {
              "name": "60571",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60571"
            },
            {
              "name": "59459",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59459"
            },
            {
              "name": "http://www.blackberry.com/btsc/KB36051",
              "refsource": "CONFIRM",
              "url": "http://www.blackberry.com/btsc/KB36051"
            },
            {
              "name": "59431",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59431"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755"
            },
            {
              "name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
            },
            {
              "name": "58337",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58337"
            },
            {
              "name": "59518",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59518"
            },
            {
              "name": "59162",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59162"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1103600",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103600"
            },
            {
              "name": "59490",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59490"
            },
            {
              "name": "59916",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59916"
            },
            {
              "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6060\u0026myns=phmc\u0026mync=E",
              "refsource": "CONFIRM",
              "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6060\u0026myns=phmc\u0026mync=E"
            },
            {
              "name": "HPSBMU03065",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
            },
            {
              "name": "58797",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58797"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676615",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676615"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-3470",
    "datePublished": "2014-06-05T21:00:00",
    "dateReserved": "2014-05-14T00:00:00",
    "dateUpdated": "2024-08-06T10:43:06.356Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-3919 (GCVE-0-2011-3919)

Vulnerability from cvelistv5

Published

2012-01-07 11:00

Modified

2024-08-06 23:53

Severity ?

CWE

n/a

Summary

Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

References

URL

Tags

	http://www.securityfocus.com/bid/51300	vdb-entry, x_refsource_BID
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14504	vdb-entry, signature, x_refsource_OVAL
	http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html	vendor-advisory, x_refsource_SUSE
	http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://support.apple.com/kb/HT5503	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-0217.html	vendor-advisory, x_refsource_REDHAT
	http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html	x_refsource_CONFIRM
	http://code.google.com/p/chromium/issues/detail?id=107128	x_refsource_CONFIRM
	http://secunia.com/advisories/55568	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2012:005	vendor-advisory, x_refsource_MANDRIVA
	http://www.securitytracker.com/id?1026487	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/47449	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT5281	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2012/May/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://www.debian.org/security/2012/dsa-2394	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:53:32.342Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "51300",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/51300"
          },
          {
            "name": "oval:org.mitre.oval:def:14504",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14504"
          },
          {
            "name": "SUSE-SU-2013:1627",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html"
          },
          {
            "name": "APPLE-SA-2012-09-19-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5503"
          },
          {
            "name": "RHSA-2013:0217",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=107128"
          },
          {
            "name": "55568",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55568"
          },
          {
            "name": "MDVSA-2012:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:005"
          },
          {
            "name": "1026487",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026487"
          },
          {
            "name": "47449",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/47449"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5281"
          },
          {
            "name": "APPLE-SA-2012-05-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
          },
          {
            "name": "DSA-2394",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2394"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "name": "51300",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/51300"
        },
        {
          "name": "oval:org.mitre.oval:def:14504",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14504"
        },
        {
          "name": "SUSE-SU-2013:1627",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html"
        },
        {
          "name": "APPLE-SA-2012-09-19-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5503"
        },
        {
          "name": "RHSA-2013:0217",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=107128"
        },
        {
          "name": "55568",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55568"
        },
        {
          "name": "MDVSA-2012:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:005"
        },
        {
          "name": "1026487",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026487"
        },
        {
          "name": "47449",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/47449"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5281"
        },
        {
          "name": "APPLE-SA-2012-05-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
        },
        {
          "name": "DSA-2394",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2394"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2011-3919",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "51300",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/51300"
            },
            {
              "name": "oval:org.mitre.oval:def:14504",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14504"
            },
            {
              "name": "SUSE-SU-2013:1627",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html"
            },
            {
              "name": "APPLE-SA-2012-09-19-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5503",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5503"
            },
            {
              "name": "RHSA-2013:0217",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=107128",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=107128"
            },
            {
              "name": "55568",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55568"
            },
            {
              "name": "MDVSA-2012:005",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:005"
            },
            {
              "name": "1026487",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026487"
            },
            {
              "name": "47449",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/47449"
            },
            {
              "name": "http://support.apple.com/kb/HT5281",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5281"
            },
            {
              "name": "APPLE-SA-2012-05-09-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
            },
            {
              "name": "DSA-2394",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2394"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2011-3919",
    "datePublished": "2012-01-07T11:00:00",
    "dateReserved": "2011-10-01T00:00:00",
    "dateUpdated": "2024-08-06T23:53:32.342Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-4317 (GCVE-0-2011-4317)

Vulnerability from cvelistv5

Published

2011-11-30 02:00

Modified

2024-08-07 00:01

Severity ?

CWE

n/a

Summary

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.

References

URL

Tags

	https://community.qualys.com/blogs/securitylabs/2011/11/23/apache-reverse-proxy-bypass-issue	x_refsource_MISC
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=134987041210674&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=134987041210674&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=133294460209056&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2012-0128.html	vendor-advisory, x_refsource_REDHAT
	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=133294460209056&w=2	vendor-advisory, x_refsource_HP
	https://bugzilla.redhat.com/show_bug.cgi?id=756483	x_refsource_CONFIRM
	http://thread.gmane.org/gmane.comp.apache.devel/46440	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html	vendor-advisory, x_refsource_APPLE
	http://support.apple.com/kb/HT5501	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html	x_refsource_CONFIRM
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041	vendor-advisory, x_refsource_HP
	http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html	vendor-advisory, x_refsource_SUSE
	http://www.securitytracker.com/id?1026353	vdb-entry, x_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/48551	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2012/dsa-2405	vendor-advisory, x_refsource_DEBIAN
	http://kb.juniper.net/JSA10585	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2012:003	vendor-advisory, x_refsource_MANDRIVA
	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:01:51.602Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://community.qualys.com/blogs/securitylabs/2011/11/23/apache-reverse-proxy-bypass-issue"
          },
          {
            "name": "HPSBMU02786",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
          },
          {
            "name": "SSRT100966",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
          },
          {
            "name": "HPSBOV02822",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
          },
          {
            "name": "SSRT100772",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133294460209056\u0026w=2"
          },
          {
            "name": "RHSA-2012:0128",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0128.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
          },
          {
            "name": "HPSBMU02748",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133294460209056\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=756483"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://thread.gmane.org/gmane.comp.apache.devel/46440"
          },
          {
            "name": "APPLE-SA-2012-09-19-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5501"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
          },
          {
            "name": "SSRT100877",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
          },
          {
            "name": "openSUSE-SU-2013:0248",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"
          },
          {
            "name": "1026353",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026353"
          },
          {
            "name": "openSUSE-SU-2013:0243",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"
          },
          {
            "name": "MDVSA-2013:150",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
          },
          {
            "name": "48551",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48551"
          },
          {
            "name": "DSA-2405",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2405"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/JSA10585"
          },
          {
            "name": "MDVSA-2012:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:003"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073139 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1888194 [8/13] - /httpd/site/trunk/content/security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-11-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-06T10:06:49",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://community.qualys.com/blogs/securitylabs/2011/11/23/apache-reverse-proxy-bypass-issue"
        },
        {
          "name": "HPSBMU02786",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
        },
        {
          "name": "SSRT100966",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
        },
        {
          "name": "HPSBOV02822",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
        },
        {
          "name": "SSRT100772",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133294460209056\u0026w=2"
        },
        {
          "name": "RHSA-2012:0128",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0128.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
        },
        {
          "name": "HPSBMU02748",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133294460209056\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=756483"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://thread.gmane.org/gmane.comp.apache.devel/46440"
        },
        {
          "name": "APPLE-SA-2012-09-19-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5501"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
        },
        {
          "name": "SSRT100877",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
        },
        {
          "name": "openSUSE-SU-2013:0248",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"
        },
        {
          "name": "1026353",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026353"
        },
        {
          "name": "openSUSE-SU-2013:0243",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"
        },
        {
          "name": "MDVSA-2013:150",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
        },
        {
          "name": "48551",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48551"
        },
        {
          "name": "DSA-2405",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2405"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/JSA10585"
        },
        {
          "name": "MDVSA-2012:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:003"
        },
        {
          "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073139 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1888194 [8/13] - /httpd/site/trunk/content/security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2011-4317",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://community.qualys.com/blogs/securitylabs/2011/11/23/apache-reverse-proxy-bypass-issue",
              "refsource": "MISC",
              "url": "https://community.qualys.com/blogs/securitylabs/2011/11/23/apache-reverse-proxy-bypass-issue"
            },
            {
              "name": "HPSBMU02786",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "SSRT100966",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
            },
            {
              "name": "HPSBOV02822",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
            },
            {
              "name": "SSRT100772",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133294460209056\u0026w=2"
            },
            {
              "name": "RHSA-2012:0128",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0128.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
            },
            {
              "name": "HPSBMU02748",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133294460209056\u0026w=2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=756483",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=756483"
            },
            {
              "name": "http://thread.gmane.org/gmane.comp.apache.devel/46440",
              "refsource": "CONFIRM",
              "url": "http://thread.gmane.org/gmane.comp.apache.devel/46440"
            },
            {
              "name": "APPLE-SA-2012-09-19-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5501",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5501"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
            },
            {
              "name": "SSRT100877",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "openSUSE-SU-2013:0248",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"
            },
            {
              "name": "1026353",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026353"
            },
            {
              "name": "openSUSE-SU-2013:0243",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"
            },
            {
              "name": "MDVSA-2013:150",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            },
            {
              "name": "48551",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48551"
            },
            {
              "name": "DSA-2405",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2405"
            },
            {
              "name": "http://kb.juniper.net/JSA10585",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/JSA10585"
            },
            {
              "name": "MDVSA-2012:003",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:003"
            },
            {
              "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073139 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1888194 [8/13] - /httpd/site/trunk/content/security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-4317",
    "datePublished": "2011-11-30T02:00:00",
    "dateReserved": "2011-11-04T00:00:00",
    "dateUpdated": "2024-08-07T00:01:51.602Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-3062 (GCVE-0-2014-3062)

Vulnerability from cvelistv5

Published

2014-09-27 10:00

Modified

2024-08-06 10:28

Severity ?

CWE

n/a

Summary

Unspecified vulnerability in IBM Security QRadar SIEM 7.1 MR2 and 7.2 MR2 allows remote attackers to execute arbitrary code via unknown vectors.

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilities/93540	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21683609	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:28:46.332Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-qradar-cve20143062-rce(93540)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93540"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683609"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in IBM Security QRadar SIEM 7.1 MR2 and 7.2 MR2 allows remote attackers to execute arbitrary code via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-qradar-cve20143062-rce(93540)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93540"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683609"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-3062",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in IBM Security QRadar SIEM 7.1 MR2 and 7.2 MR2 allows remote attackers to execute arbitrary code via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-qradar-cve20143062-rce(93540)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93540"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683609",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683609"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-3062",
    "datePublished": "2014-09-27T10:00:00",
    "dateReserved": "2014-04-29T00:00:00",
    "dateUpdated": "2024-08-06T10:28:46.332Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0830 (GCVE-0-2010-0830)

Vulnerability from cvelistv5

Published

2010-06-01 20:00

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.

References

URL

Tags

	http://www.mandriva.com/security/advisories?name=MDVSA-2010:111	vendor-advisory, x_refsource_MANDRIVA
	http://security.gentoo.org/glsa/glsa-201011-01.xml	vendor-advisory, x_refsource_GENTOO
	http://www.vupen.com/english/advisories/2010/1246	vdb-entry, x_refsource_VUPEN
	http://www.ubuntu.com/usn/USN-944-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/39900	third-party-advisory, x_refsource_SECUNIA
	https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/40063	vdb-entry, x_refsource_BID
	http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html	x_refsource_MISC
	http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=db07e962b6ea963dbb345439f6ab9b0cf74d87c5	x_refsource_CONFIRM
	http://frugalware.org/security/662	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:112	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2010/dsa-2058	vendor-advisory, x_refsource_DEBIAN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/58915	vdb-entry, x_refsource_XF
	http://securitytracker.com/id?1024044	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:39.371Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2010:111",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
          },
          {
            "name": "GLSA-201011-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
          },
          {
            "name": "ADV-2010-1246",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1246"
          },
          {
            "name": "USN-944-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-944-1"
          },
          {
            "name": "39900",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39900"
          },
          {
            "name": "SUSE-SA:2010:052",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
          },
          {
            "name": "40063",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/40063"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=db07e962b6ea963dbb345439f6ab9b0cf74d87c5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://frugalware.org/security/662"
          },
          {
            "name": "MDVSA-2010:112",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
          },
          {
            "name": "DSA-2058",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2058"
          },
          {
            "name": "glibc-elf-code-execution(58915)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58915"
          },
          {
            "name": "1024044",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1024044"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-04-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "name": "MDVSA-2010:111",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
        },
        {
          "name": "GLSA-201011-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
        },
        {
          "name": "ADV-2010-1246",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1246"
        },
        {
          "name": "USN-944-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-944-1"
        },
        {
          "name": "39900",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39900"
        },
        {
          "name": "SUSE-SA:2010:052",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
        },
        {
          "name": "40063",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/40063"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=db07e962b6ea963dbb345439f6ab9b0cf74d87c5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://frugalware.org/security/662"
        },
        {
          "name": "MDVSA-2010:112",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
        },
        {
          "name": "DSA-2058",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2058"
        },
        {
          "name": "glibc-elf-code-execution(58915)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58915"
        },
        {
          "name": "1024044",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1024044"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@ubuntu.com",
          "ID": "CVE-2010-0830",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2010:111",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
            },
            {
              "name": "GLSA-201011-01",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
            },
            {
              "name": "ADV-2010-1246",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1246"
            },
            {
              "name": "USN-944-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-944-1"
            },
            {
              "name": "39900",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/39900"
            },
            {
              "name": "SUSE-SA:2010:052",
              "refsource": "SUSE",
              "url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
            },
            {
              "name": "40063",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/40063"
            },
            {
              "name": "http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html",
              "refsource": "MISC",
              "url": "http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html"
            },
            {
              "name": "http://sourceware.org/git/?p=glibc.git;a=commit;h=db07e962b6ea963dbb345439f6ab9b0cf74d87c5",
              "refsource": "CONFIRM",
              "url": "http://sourceware.org/git/?p=glibc.git;a=commit;h=db07e962b6ea963dbb345439f6ab9b0cf74d87c5"
            },
            {
              "name": "http://frugalware.org/security/662",
              "refsource": "CONFIRM",
              "url": "http://frugalware.org/security/662"
            },
            {
              "name": "MDVSA-2010:112",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
            },
            {
              "name": "DSA-2058",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2010/dsa-2058"
            },
            {
              "name": "glibc-elf-code-execution(58915)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58915"
            },
            {
              "name": "1024044",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1024044"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2010-0830",
    "datePublished": "2010-06-01T20:00:00",
    "dateReserved": "2010-03-03T00:00:00",
    "dateUpdated": "2024-08-07T00:59:39.371Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-1643 (GCVE-0-2013-1643)

Vulnerability from cvelistv5

Published

2013-03-06 11:00

Modified

2024-08-06 15:13

Severity ?

CWE

n/a

Summary

The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-1824.

References

URL

Tags

	http://www.ubuntu.com/usn/USN-1761-1	vendor-advisory, x_refsource_UBUNTU
	https://bugs.gentoo.org/show_bug.cgi?id=459904	x_refsource_CONFIRM
	http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=8e76d0404b7f664ee6719fd98f0483f0ac4669d6	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2013:114	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/55078	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=918187	x_refsource_CONFIRM
	http://www.php.net/ChangeLog-5.php	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702221	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1307.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2013-1615.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2013/dsa-2639	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html	vendor-advisory, x_refsource_SUSE
	https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0101	x_refsource_CONFIRM
	http://support.apple.com/kb/HT5880	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:13:32.313Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-1761-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1761-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.gentoo.org/show_bug.cgi?id=459904"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=8e76d0404b7f664ee6719fd98f0483f0ac4669d6"
          },
          {
            "name": "MDVSA-2013:114",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:114"
          },
          {
            "name": "55078",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55078"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=918187"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-5.php"
          },
          {
            "name": "APPLE-SA-2013-09-12-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702221"
          },
          {
            "name": "RHSA-2013:1307",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1307.html"
          },
          {
            "name": "RHSA-2013:1615",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1615.html"
          },
          {
            "name": "DSA-2639",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2639"
          },
          {
            "name": "SUSE-SU-2013:1315",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html"
          },
          {
            "name": "SUSE-SU-2013:1285",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0101"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5880"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-1824."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-01-24T17:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-1761-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1761-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.gentoo.org/show_bug.cgi?id=459904"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=8e76d0404b7f664ee6719fd98f0483f0ac4669d6"
        },
        {
          "name": "MDVSA-2013:114",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:114"
        },
        {
          "name": "55078",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55078"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=918187"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-5.php"
        },
        {
          "name": "APPLE-SA-2013-09-12-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702221"
        },
        {
          "name": "RHSA-2013:1307",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1307.html"
        },
        {
          "name": "RHSA-2013:1615",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1615.html"
        },
        {
          "name": "DSA-2639",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2639"
        },
        {
          "name": "SUSE-SU-2013:1315",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html"
        },
        {
          "name": "SUSE-SU-2013:1285",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0101"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5880"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-1643",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-1824."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-1761-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1761-1"
            },
            {
              "name": "https://bugs.gentoo.org/show_bug.cgi?id=459904",
              "refsource": "CONFIRM",
              "url": "https://bugs.gentoo.org/show_bug.cgi?id=459904"
            },
            {
              "name": "http://git.php.net/?p=php-src.git;a=commit;h=8e76d0404b7f664ee6719fd98f0483f0ac4669d6",
              "refsource": "CONFIRM",
              "url": "http://git.php.net/?p=php-src.git;a=commit;h=8e76d0404b7f664ee6719fd98f0483f0ac4669d6"
            },
            {
              "name": "MDVSA-2013:114",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:114"
            },
            {
              "name": "55078",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55078"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=918187",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=918187"
            },
            {
              "name": "http://www.php.net/ChangeLog-5.php",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/ChangeLog-5.php"
            },
            {
              "name": "APPLE-SA-2013-09-12-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702221",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702221"
            },
            {
              "name": "RHSA-2013:1307",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1307.html"
            },
            {
              "name": "RHSA-2013:1615",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1615.html"
            },
            {
              "name": "DSA-2639",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2639"
            },
            {
              "name": "SUSE-SU-2013:1315",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html"
            },
            {
              "name": "SUSE-SU-2013:1285",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html"
            },
            {
              "name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0101",
              "refsource": "CONFIRM",
              "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0101"
            },
            {
              "name": "http://support.apple.com/kb/HT5880",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5880"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-1643",
    "datePublished": "2013-03-06T11:00:00",
    "dateReserved": "2013-02-10T00:00:00",
    "dateUpdated": "2024-08-06T15:13:32.313Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-1635 (GCVE-0-2013-1635)

Vulnerability from cvelistv5

Published

2013-03-06 11:00

Modified

2024-08-06 15:13

Severity ?

CWE

n/a

Summary

ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory.

References

URL

Tags

	http://git.php.net/?p=php-src.git%3Ba=blob%3Bf=NEWS%3Bh=82afa3a040e639f3595121e45b850d5453906a00%3Bhb=refs/heads/PHP-5.3	x_refsource_CONFIRM
	https://bugs.gentoo.org/show_bug.cgi?id=459904	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2013:114	vendor-advisory, x_refsource_MANDRIVA
	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702221	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=918196	x_refsource_CONFIRM
	http://www.debian.org/security/2013/dsa-2639	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html	vendor-advisory, x_refsource_SUSE
	https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0101	x_refsource_CONFIRM
	http://support.apple.com/kb/HT5880	x_refsource_CONFIRM
	http://git.php.net/?p=php-src.git%3Ba=blob%3Bf=NEWS%3Bh=36f6f9a4396d3034cc903a4271e7fdeccc5d3ea6%3Bhb=refs/heads/PHP-5.4	x_refsource_CONFIRM
	http://git.php.net/?p=php-src.git%3Ba=commitdiff%3Bh=702b436ef470cc02f8e2cc21f2fadeee42103c74	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:13:32.462Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.php.net/?p=php-src.git%3Ba=blob%3Bf=NEWS%3Bh=82afa3a040e639f3595121e45b850d5453906a00%3Bhb=refs/heads/PHP-5.3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.gentoo.org/show_bug.cgi?id=459904"
          },
          {
            "name": "MDVSA-2013:114",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:114"
          },
          {
            "name": "APPLE-SA-2013-09-12-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702221"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=918196"
          },
          {
            "name": "DSA-2639",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2639"
          },
          {
            "name": "SUSE-SU-2013:1315",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html"
          },
          {
            "name": "SUSE-SU-2013:1285",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0101"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5880"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.php.net/?p=php-src.git%3Ba=blob%3Bf=NEWS%3Bh=36f6f9a4396d3034cc903a4271e7fdeccc5d3ea6%3Bhb=refs/heads/PHP-5.4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.php.net/?p=php-src.git%3Ba=commitdiff%3Bh=702b436ef470cc02f8e2cc21f2fadeee42103c74"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-01-24T17:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.php.net/?p=php-src.git%3Ba=blob%3Bf=NEWS%3Bh=82afa3a040e639f3595121e45b850d5453906a00%3Bhb=refs/heads/PHP-5.3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.gentoo.org/show_bug.cgi?id=459904"
        },
        {
          "name": "MDVSA-2013:114",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:114"
        },
        {
          "name": "APPLE-SA-2013-09-12-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702221"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=918196"
        },
        {
          "name": "DSA-2639",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2639"
        },
        {
          "name": "SUSE-SU-2013:1315",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html"
        },
        {
          "name": "SUSE-SU-2013:1285",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0101"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5880"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.php.net/?p=php-src.git%3Ba=blob%3Bf=NEWS%3Bh=36f6f9a4396d3034cc903a4271e7fdeccc5d3ea6%3Bhb=refs/heads/PHP-5.4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.php.net/?p=php-src.git%3Ba=commitdiff%3Bh=702b436ef470cc02f8e2cc21f2fadeee42103c74"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-1635",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://git.php.net/?p=php-src.git;a=blob;f=NEWS;h=82afa3a040e639f3595121e45b850d5453906a00;hb=refs/heads/PHP-5.3",
              "refsource": "CONFIRM",
              "url": "http://git.php.net/?p=php-src.git;a=blob;f=NEWS;h=82afa3a040e639f3595121e45b850d5453906a00;hb=refs/heads/PHP-5.3"
            },
            {
              "name": "https://bugs.gentoo.org/show_bug.cgi?id=459904",
              "refsource": "CONFIRM",
              "url": "https://bugs.gentoo.org/show_bug.cgi?id=459904"
            },
            {
              "name": "MDVSA-2013:114",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:114"
            },
            {
              "name": "APPLE-SA-2013-09-12-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702221",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702221"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=918196",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=918196"
            },
            {
              "name": "DSA-2639",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2639"
            },
            {
              "name": "SUSE-SU-2013:1315",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html"
            },
            {
              "name": "SUSE-SU-2013:1285",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html"
            },
            {
              "name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0101",
              "refsource": "CONFIRM",
              "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0101"
            },
            {
              "name": "http://support.apple.com/kb/HT5880",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5880"
            },
            {
              "name": "http://git.php.net/?p=php-src.git;a=blob;f=NEWS;h=36f6f9a4396d3034cc903a4271e7fdeccc5d3ea6;hb=refs/heads/PHP-5.4",
              "refsource": "CONFIRM",
              "url": "http://git.php.net/?p=php-src.git;a=blob;f=NEWS;h=36f6f9a4396d3034cc903a4271e7fdeccc5d3ea6;hb=refs/heads/PHP-5.4"
            },
            {
              "name": "http://git.php.net/?p=php-src.git;a=commitdiff;h=702b436ef470cc02f8e2cc21f2fadeee42103c74",
              "refsource": "CONFIRM",
              "url": "http://git.php.net/?p=php-src.git;a=commitdiff;h=702b436ef470cc02f8e2cc21f2fadeee42103c74"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-1635",
    "datePublished": "2013-03-06T11:00:00",
    "dateReserved": "2013-02-07T00:00:00",
    "dateUpdated": "2024-08-06T15:13:32.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-1620 (GCVE-0-2013-1620)

Vulnerability from cvelistv5

Published

2013-02-08 19:00

Modified

2024-08-06 15:04

Severity ?

CWE

n/a

Summary

The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

References

URL

Tags

	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/57777	vdb-entry, x_refsource_BID
	http://www.vmware.com/security/advisories/VMSA-2014-0012.html	x_refsource_CONFIRM
	http://www.isg.rhul.ac.uk/tls/TLStiming.pdf	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://openwall.com/lists/oss-security/2013/02/05/24	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/archive/1/534161/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-1763-1	vendor-advisory, x_refsource_UBUNTU
	http://security.gentoo.org/glsa/glsa-201406-19.xml	vendor-advisory, x_refsource_GENTOO
	http://rhn.redhat.com/errata/RHSA-2013-1135.html	vendor-advisory, x_refsource_REDHAT
	http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1144.html	vendor-advisory, x_refsource_REDHAT
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2014/Dec/23	mailing-list, x_refsource_FULLDISC
	http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/64758	vdb-entry, x_refsource_BID
	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:04:49.481Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
          },
          {
            "name": "57777",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/57777"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
          },
          {
            "name": "openSUSE-SU-2013:0630",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html"
          },
          {
            "name": "[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2013/02/05/24"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
          },
          {
            "name": "USN-1763-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1763-1"
          },
          {
            "name": "GLSA-201406-19",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-19.xml"
          },
          {
            "name": "RHSA-2013:1135",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1135.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
          },
          {
            "name": "RHSA-2013:1144",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1144.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
          },
          {
            "name": "openSUSE-SU-2013:0631",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html"
          },
          {
            "name": "64758",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/64758"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
        },
        {
          "name": "57777",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/57777"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
        },
        {
          "name": "openSUSE-SU-2013:0630",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html"
        },
        {
          "name": "[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2013/02/05/24"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
        },
        {
          "name": "USN-1763-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1763-1"
        },
        {
          "name": "GLSA-201406-19",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-19.xml"
        },
        {
          "name": "RHSA-2013:1135",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1135.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
        },
        {
          "name": "RHSA-2013:1144",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1144.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
        },
        {
          "name": "openSUSE-SU-2013:0631",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html"
        },
        {
          "name": "64758",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/64758"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-1620",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
            },
            {
              "name": "57777",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/57777"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
            },
            {
              "name": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf",
              "refsource": "MISC",
              "url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
            },
            {
              "name": "openSUSE-SU-2013:0630",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html"
            },
            {
              "name": "[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2013/02/05/24"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
            },
            {
              "name": "USN-1763-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1763-1"
            },
            {
              "name": "GLSA-201406-19",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-19.xml"
            },
            {
              "name": "RHSA-2013:1135",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1135.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
            },
            {
              "name": "RHSA-2013:1144",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1144.html"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
            },
            {
              "name": "openSUSE-SU-2013:0631",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html"
            },
            {
              "name": "64758",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/64758"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-1620",
    "datePublished": "2013-02-08T19:00:00",
    "dateReserved": "2013-02-05T00:00:00",
    "dateUpdated": "2024-08-06T15:04:49.481Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-0837 (GCVE-0-2014-0837)

Vulnerability from cvelistv5

Published

2014-01-30 02:00

Modified

2024-08-06 09:27

Severity ?

CWE

n/a

Summary

The AutoUpdate process in IBM Security QRadar SIEM 7.2 MR1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

References

URL

Tags

	http://www.securityfocus.com/bid/65127	vdb-entry, x_refsource_BID
	http://osvdb.org/102552	vdb-entry, x_refsource_OSVDB
	https://exchange.xforce.ibmcloud.com/vulnerabilities/90680	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21663066	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2014/Jan/166	mailing-list, x_refsource_FULLDISC
	http://secunia.com/advisories/56653	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:27:20.098Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "65127",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/65127"
          },
          {
            "name": "102552",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/102552"
          },
          {
            "name": "ibm-qradar-cve20140837-mitm(90680)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90680"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21663066"
          },
          {
            "name": "20140124 ADV: IBM QRadar SIEM",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Jan/166"
          },
          {
            "name": "56653",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56653"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-01-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The AutoUpdate process in IBM Security QRadar SIEM 7.2 MR1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "65127",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/65127"
        },
        {
          "name": "102552",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/102552"
        },
        {
          "name": "ibm-qradar-cve20140837-mitm(90680)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90680"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21663066"
        },
        {
          "name": "20140124 ADV: IBM QRadar SIEM",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Jan/166"
        },
        {
          "name": "56653",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56653"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-0837",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The AutoUpdate process in IBM Security QRadar SIEM 7.2 MR1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "65127",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/65127"
            },
            {
              "name": "102552",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/102552"
            },
            {
              "name": "ibm-qradar-cve20140837-mitm(90680)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90680"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21663066",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21663066"
            },
            {
              "name": "20140124 ADV: IBM QRadar SIEM",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Jan/166"
            },
            {
              "name": "56653",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56653"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-0837",
    "datePublished": "2014-01-30T02:00:00",
    "dateReserved": "2014-01-06T00:00:00",
    "dateUpdated": "2024-08-06T09:27:20.098Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-7169 (GCVE-0-2014-7169)

Vulnerability from cvelistv5

Published

2014-09-25 01:00

Modified

2025-07-30 01:46

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

n/a

Summary

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

References

URL

Tags

	http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html	x_refsource_MISC
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21685749	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2014/09/24/32	mailing-list, x_refsource_MLIST
	http://marc.info/?l=bugtraq&m=141577137423233&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141216668515282&w=2	vendor-advisory, x_refsource_HP
	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383138121313&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://www.securityfocus.com/archive/1/533593/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=swg21686084	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686479	x_refsource_CONFIRM
	http://secunia.com/advisories/61188	third-party-advisory, x_refsource_SECUNIA
	http://jvn.jp/en/jp/JVN55667175/index.html	third-party-advisory, x_refsource_JVN
	http://secunia.com/advisories/61676	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/60433	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383026420882&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141585637922673&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-1306.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=141576728022234&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21685541	x_refsource_CONFIRM
	http://secunia.com/advisories/61715	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2363-2	vendor-advisory, x_refsource_UBUNTU
	http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61816	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61442	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142358078406056&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142805027510172&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61283	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142113462216480&w=2	vendor-advisory, x_refsource_HP
	https://kc.mcafee.com/corporate/index?page=content&id=SB10085	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61654	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/support/kb/doc.php?id=7015701	x_refsource_CONFIRM
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315	x_refsource_CONFIRM
	http://secunia.com/advisories/62312	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59272	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141319209015420&w=2	vendor-advisory, x_refsource_HP
	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-1312.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21685604	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2363-1	vendor-advisory, x_refsource_UBUNTU
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61703	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT6495	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/252743	third-party-advisory, x_refsource_CERT-VN
	http://secunia.com/advisories/61065	third-party-advisory, x_refsource_SECUNIA
	http://linux.oracle.com/errata/ELSA-2014-3075.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383196021590&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141383081521087&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21686445	x_refsource_CONFIRM
	http://support.novell.com/security/cve/CVE-2014-7169.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686131	x_refsource_CONFIRM
	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126	third-party-advisory, x_refsource_JVNDB
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://www.us-cert.gov/ncas/alerts/TA14-268A	third-party-advisory, x_refsource_CERT
	http://secunia.com/advisories/61641	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html	vendor-advisory, x_refsource_SUSE
	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648	x_refsource_CONFIRM
	https://access.redhat.com/node/1200223	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898	x_refsource_CONFIRM
	http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html	vendor-advisory, x_refsource_APPLE
	http://www-01.ibm.com/support/docview.wss?uid=swg21685914	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2014/Oct/0	mailing-list, x_refsource_FULLDISC
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:164	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/61619	third-party-advisory, x_refsource_SECUNIA
	http://linux.oracle.com/errata/ELSA-2014-3078.html	x_refsource_CONFIRM
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60325	third-party-advisory, x_refsource_SECUNIA
	https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes	x_refsource_CONFIRM
	http://secunia.com/advisories/60024	third-party-advisory, x_refsource_SECUNIA
	http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html	x_refsource_MISC
	https://www.exploit-db.com/exploits/34879/	exploit, x_refsource_EXPLOIT-DB
	http://secunia.com/advisories/61622	third-party-advisory, x_refsource_SECUNIA
	https://access.redhat.com/articles/1200223	x_refsource_CONFIRM
	http://secunia.com/advisories/62343	third-party-advisory, x_refsource_SECUNIA
	http://advisories.mageia.org/MGASA-2014-0393.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61565	third-party-advisory, x_refsource_SECUNIA
	https://www.suse.com/support/shellshock/	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141450491804793&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61313	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61873	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61485	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61618	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60947	third-party-advisory, x_refsource_SECUNIA
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183	x_refsource_CONFIRM
	https://support.apple.com/kb/HT6535	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141577297623641&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383244821813&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61312	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60193	third-party-advisory, x_refsource_SECUNIA
	http://www.vmware.com/security/advisories/VMSA-2014-0010.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61479	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60063	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60034	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141330425327438&w=2	vendor-advisory, x_refsource_HP
	http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html	x_refsource_MISC
	http://secunia.com/advisories/59907	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58200	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141577241923505&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61643	third-party-advisory, x_refsource_SECUNIA
	http://twitter.com/taviso/statuses/514887394294652929	x_refsource_MISC
	http://www.novell.com/support/kb/doc.php?id=7015721	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21687079	x_refsource_CONFIRM
	http://secunia.com/advisories/61503	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21686246	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-1354.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=141216207813411&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383465822787&w=2	vendor-advisory, x_refsource_HP
	http://www.qnap.com/i/en/support/con_show.php?cid=61	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141694386919794&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61552	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61780	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279	x_refsource_CONFIRM
	https://support.citrix.com/article/CTX200223	x_refsource_CONFIRM
	http://linux.oracle.com/errata/ELSA-2014-3077.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686447	x_refsource_CONFIRM
	http://secunia.com/advisories/62228	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141330468527613&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61855	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141235957116749&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60044	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61291	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141345648114150&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59737	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61287	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383353622268&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61711	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142113462216480&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383304022067&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-1311.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/61128	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2014/dsa-3035	vendor-advisory, x_refsource_DEBIAN
	https://support.citrix.com/article/CTX200217	x_refsource_CONFIRM
	http://secunia.com/advisories/61471	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60055	third-party-advisory, x_refsource_SECUNIA
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash	vendor-advisory, x_refsource_CISCO
	http://secunia.com/advisories/61550	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61633	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21686494	x_refsource_CONFIRM
	http://linux.oracle.com/errata/ELSA-2014-1306.html	x_refsource_CONFIRM
	https://kb.bluecoat.com/index?page=content&id=SA82	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61328	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21685733	x_refsource_CONFIRM
	http://secunia.com/advisories/61129	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61700	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61626	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61603	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61857	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879	x_refsource_CONFIRM
	https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:40:19.217Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
          },
          {
            "name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
          },
          {
            "name": "HPSBMU03165",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
          },
          {
            "name": "HPSBHF03119",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
          },
          {
            "name": "HPSBST03131",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
          },
          {
            "name": "SSRT101819",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
          },
          {
            "name": "HPSBMU03245",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "openSUSE-SU-2014:1229",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
          },
          {
            "name": "61188",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61188"
          },
          {
            "name": "JVN#55667175",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
          },
          {
            "name": "61676",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61676"
          },
          {
            "name": "openSUSE-SU-2014:1254",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
          },
          {
            "name": "60433",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60433"
          },
          {
            "name": "HPSBMU03143",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
          },
          {
            "name": "HPSBMU03182",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
          },
          {
            "name": "RHSA-2014:1306",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
          },
          {
            "name": "HPSBST03155",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
          },
          {
            "name": "61715",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61715"
          },
          {
            "name": "USN-2363-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2363-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
          },
          {
            "name": "61816",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61816"
          },
          {
            "name": "openSUSE-SU-2014:1310",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
          },
          {
            "name": "61442",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61442"
          },
          {
            "name": "HPSBMU03246",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
          },
          {
            "name": "HPSBST03195",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
          },
          {
            "name": "61283",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61283"
          },
          {
            "name": "SSRT101711",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
          },
          {
            "name": "openSUSE-SU-2014:1308",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
          },
          {
            "name": "61654",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61654"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
          },
          {
            "name": "62312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62312"
          },
          {
            "name": "59272",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59272"
          },
          {
            "name": "HPSBST03122",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
          },
          {
            "name": "HPSBMU03217",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "RHSA-2014:1312",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
          },
          {
            "name": "USN-2363-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2363-1"
          },
          {
            "name": "SSRT101868",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61703",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61703"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6495"
          },
          {
            "name": "VU#252743",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/252743"
          },
          {
            "name": "61065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61065"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
          },
          {
            "name": "HPSBST03129",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
          },
          {
            "name": "HPSBMU03144",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
          },
          {
            "name": "JVNDB-2014-000126",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
          },
          {
            "name": "SSRT101827",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "TA14-268A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
          },
          {
            "name": "61641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61641"
          },
          {
            "name": "SUSE-SU-2014:1247",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/node/1200223"
          },
          {
            "name": "SUSE-SU-2014:1287",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
          },
          {
            "name": "APPLE-SA-2014-10-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
          },
          {
            "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
          },
          {
            "name": "MDVSA-2015:164",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
          },
          {
            "name": "61619",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61619"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
          },
          {
            "name": "HPSBMU03220",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "60325",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60325"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
          },
          {
            "name": "60024",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60024"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
          },
          {
            "name": "34879",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/34879/"
          },
          {
            "name": "61622",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61622"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/articles/1200223"
          },
          {
            "name": "62343",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62343"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2014-0393.html"
          },
          {
            "name": "61565",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61565"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.suse.com/support/shellshock/"
          },
          {
            "name": "HPSBST03157",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
          },
          {
            "name": "61313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61313"
          },
          {
            "name": "SSRT101742",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "61873",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61873"
          },
          {
            "name": "61485",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61485"
          },
          {
            "name": "openSUSE-SU-2014:1242",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
          },
          {
            "name": "61618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61618"
          },
          {
            "name": "60947",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60947"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6535"
          },
          {
            "name": "HPSBST03154",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
          },
          {
            "name": "HPSBGN03142",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
          },
          {
            "name": "61312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61312"
          },
          {
            "name": "60193",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
          },
          {
            "name": "61479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61479"
          },
          {
            "name": "60063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60063"
          },
          {
            "name": "60034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60034"
          },
          {
            "name": "HPSBMU03133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
          },
          {
            "name": "59907",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59907"
          },
          {
            "name": "58200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58200"
          },
          {
            "name": "HPSBST03181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
          },
          {
            "name": "61643",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61643"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://twitter.com/taviso/statuses/514887394294652929"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
          },
          {
            "name": "61503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61503"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
          },
          {
            "name": "RHSA-2014:1354",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
          },
          {
            "name": "HPSBGN03117",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
          },
          {
            "name": "HPSBHF03145",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
          },
          {
            "name": "HPSBST03148",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
          },
          {
            "name": "61552",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61552"
          },
          {
            "name": "61780",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61780"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200223"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
          },
          {
            "name": "62228",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62228"
          },
          {
            "name": "HPSBGN03138",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
          },
          {
            "name": "61855",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61855"
          },
          {
            "name": "HPSBHF03124",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
          },
          {
            "name": "60044",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60044"
          },
          {
            "name": "61291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61291"
          },
          {
            "name": "HPSBHF03125",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
          },
          {
            "name": "59737",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59737"
          },
          {
            "name": "61287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61287"
          },
          {
            "name": "HPSBHF03146",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
          },
          {
            "name": "HPSBGN03233",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "SSRT101739",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61711",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61711"
          },
          {
            "name": "HPSBOV03228",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
          },
          {
            "name": "HPSBGN03141",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
          },
          {
            "name": "RHSA-2014:1311",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
          },
          {
            "name": "61128",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61128"
          },
          {
            "name": "DSA-3035",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3035"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200217"
          },
          {
            "name": "61471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61471"
          },
          {
            "name": "60055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60055"
          },
          {
            "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
          },
          {
            "name": "61550",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61550"
          },
          {
            "name": "61633",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61633"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
          },
          {
            "name": "SUSE-SU-2014:1259",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
          },
          {
            "name": "61328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
          },
          {
            "name": "61129",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61129"
          },
          {
            "name": "61700",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61700"
          },
          {
            "name": "61626",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61626"
          },
          {
            "name": "61603",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61603"
          },
          {
            "name": "61857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2014-7169",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T19:31:47.209255Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-01-28",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-7169"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-78",
                "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:46:49.393Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2022-01-28T00:00:00+00:00",
            "value": "CVE-2014-7169 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-05T16:41:42.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
        },
        {
          "name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
        },
        {
          "name": "HPSBMU03165",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
        },
        {
          "name": "HPSBHF03119",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
        },
        {
          "name": "HPSBST03131",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
        },
        {
          "name": "SSRT101819",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
        },
        {
          "name": "HPSBMU03245",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "openSUSE-SU-2014:1229",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
        },
        {
          "name": "61188",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61188"
        },
        {
          "name": "JVN#55667175",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
        },
        {
          "name": "61676",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61676"
        },
        {
          "name": "openSUSE-SU-2014:1254",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
        },
        {
          "name": "60433",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60433"
        },
        {
          "name": "HPSBMU03143",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
        },
        {
          "name": "HPSBMU03182",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
        },
        {
          "name": "RHSA-2014:1306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
        },
        {
          "name": "HPSBST03155",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
        },
        {
          "name": "61715",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61715"
        },
        {
          "name": "USN-2363-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2363-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
        },
        {
          "name": "61816",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61816"
        },
        {
          "name": "openSUSE-SU-2014:1310",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
        },
        {
          "name": "61442",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61442"
        },
        {
          "name": "HPSBMU03246",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
        },
        {
          "name": "HPSBST03195",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
        },
        {
          "name": "61283",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61283"
        },
        {
          "name": "SSRT101711",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
        },
        {
          "name": "openSUSE-SU-2014:1308",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
        },
        {
          "name": "61654",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61654"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
        },
        {
          "name": "62312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62312"
        },
        {
          "name": "59272",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59272"
        },
        {
          "name": "HPSBST03122",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
        },
        {
          "name": "HPSBMU03217",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "RHSA-2014:1312",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
        },
        {
          "name": "USN-2363-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2363-1"
        },
        {
          "name": "SSRT101868",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61703",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61703"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6495"
        },
        {
          "name": "VU#252743",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/252743"
        },
        {
          "name": "61065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61065"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
        },
        {
          "name": "HPSBST03129",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
        },
        {
          "name": "HPSBMU03144",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
        },
        {
          "name": "JVNDB-2014-000126",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
        },
        {
          "name": "SSRT101827",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "TA14-268A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
        },
        {
          "name": "61641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61641"
        },
        {
          "name": "SUSE-SU-2014:1247",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/node/1200223"
        },
        {
          "name": "SUSE-SU-2014:1287",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
        },
        {
          "name": "APPLE-SA-2014-10-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
        },
        {
          "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
        },
        {
          "name": "MDVSA-2015:164",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
        },
        {
          "name": "61619",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61619"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
        },
        {
          "name": "HPSBMU03220",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "60325",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60325"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
        },
        {
          "name": "60024",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60024"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
        },
        {
          "name": "34879",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/34879/"
        },
        {
          "name": "61622",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61622"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/articles/1200223"
        },
        {
          "name": "62343",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62343"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2014-0393.html"
        },
        {
          "name": "61565",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61565"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.suse.com/support/shellshock/"
        },
        {
          "name": "HPSBST03157",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
        },
        {
          "name": "61313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61313"
        },
        {
          "name": "SSRT101742",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "61873",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61873"
        },
        {
          "name": "61485",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61485"
        },
        {
          "name": "openSUSE-SU-2014:1242",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
        },
        {
          "name": "61618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61618"
        },
        {
          "name": "60947",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60947"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6535"
        },
        {
          "name": "HPSBST03154",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
        },
        {
          "name": "HPSBGN03142",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
        },
        {
          "name": "61312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61312"
        },
        {
          "name": "60193",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
        },
        {
          "name": "61479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61479"
        },
        {
          "name": "60063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60063"
        },
        {
          "name": "60034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60034"
        },
        {
          "name": "HPSBMU03133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
        },
        {
          "name": "59907",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59907"
        },
        {
          "name": "58200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58200"
        },
        {
          "name": "HPSBST03181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
        },
        {
          "name": "61643",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61643"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://twitter.com/taviso/statuses/514887394294652929"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
        },
        {
          "name": "61503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61503"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
        },
        {
          "name": "RHSA-2014:1354",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
        },
        {
          "name": "HPSBGN03117",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
        },
        {
          "name": "HPSBHF03145",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
        },
        {
          "name": "HPSBST03148",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
        },
        {
          "name": "61552",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61552"
        },
        {
          "name": "61780",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61780"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200223"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
        },
        {
          "name": "62228",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62228"
        },
        {
          "name": "HPSBGN03138",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
        },
        {
          "name": "61855",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61855"
        },
        {
          "name": "HPSBHF03124",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
        },
        {
          "name": "60044",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60044"
        },
        {
          "name": "61291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61291"
        },
        {
          "name": "HPSBHF03125",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
        },
        {
          "name": "59737",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59737"
        },
        {
          "name": "61287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61287"
        },
        {
          "name": "HPSBHF03146",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
        },
        {
          "name": "HPSBGN03233",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "SSRT101739",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61711",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61711"
        },
        {
          "name": "HPSBOV03228",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
        },
        {
          "name": "HPSBGN03141",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
        },
        {
          "name": "RHSA-2014:1311",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
        },
        {
          "name": "61128",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61128"
        },
        {
          "name": "DSA-3035",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3035"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200217"
        },
        {
          "name": "61471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61471"
        },
        {
          "name": "60055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60055"
        },
        {
          "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
        },
        {
          "name": "61550",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61550"
        },
        {
          "name": "61633",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61633"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
        },
        {
          "name": "SUSE-SU-2014:1259",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
        },
        {
          "name": "61328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
        },
        {
          "name": "61129",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61129"
        },
        {
          "name": "61700",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61700"
        },
        {
          "name": "61626",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61626"
        },
        {
          "name": "61603",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61603"
        },
        {
          "name": "61857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-7169",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
            },
            {
              "name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
            },
            {
              "name": "HPSBMU03165",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
            },
            {
              "name": "HPSBHF03119",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
            },
            {
              "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts",
              "refsource": "CONFIRM",
              "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
            },
            {
              "name": "HPSBST03131",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
            },
            {
              "name": "SSRT101819",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
            },
            {
              "name": "HPSBMU03245",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2014:1229",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
            },
            {
              "name": "61188",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61188"
            },
            {
              "name": "JVN#55667175",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
            },
            {
              "name": "61676",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61676"
            },
            {
              "name": "openSUSE-SU-2014:1254",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
            },
            {
              "name": "60433",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60433"
            },
            {
              "name": "HPSBMU03143",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
            },
            {
              "name": "HPSBMU03182",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
            },
            {
              "name": "RHSA-2014:1306",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
            },
            {
              "name": "HPSBST03155",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
            },
            {
              "name": "61715",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61715"
            },
            {
              "name": "USN-2363-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2363-2"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
            },
            {
              "name": "61816",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61816"
            },
            {
              "name": "openSUSE-SU-2014:1310",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
            },
            {
              "name": "61442",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61442"
            },
            {
              "name": "HPSBMU03246",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
            },
            {
              "name": "HPSBST03195",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
            },
            {
              "name": "61283",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61283"
            },
            {
              "name": "SSRT101711",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
            },
            {
              "name": "openSUSE-SU-2014:1308",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
            },
            {
              "name": "61654",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61654"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015701",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
            },
            {
              "name": "62312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62312"
            },
            {
              "name": "59272",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59272"
            },
            {
              "name": "HPSBST03122",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
            },
            {
              "name": "HPSBMU03217",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "RHSA-2014:1312",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
            },
            {
              "name": "USN-2363-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2363-1"
            },
            {
              "name": "SSRT101868",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61703",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61703"
            },
            {
              "name": "http://support.apple.com/kb/HT6495",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6495"
            },
            {
              "name": "VU#252743",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/252743"
            },
            {
              "name": "61065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61065"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-3075.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
            },
            {
              "name": "HPSBST03129",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
            },
            {
              "name": "HPSBMU03144",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
            },
            {
              "name": "http://support.novell.com/security/cve/CVE-2014-7169.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
            },
            {
              "name": "JVNDB-2014-000126",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
            },
            {
              "name": "SSRT101827",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "TA14-268A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
            },
            {
              "name": "61641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61641"
            },
            {
              "name": "SUSE-SU-2014:1247",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
            },
            {
              "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
            },
            {
              "name": "https://access.redhat.com/node/1200223",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/node/1200223"
            },
            {
              "name": "SUSE-SU-2014:1287",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
            },
            {
              "name": "APPLE-SA-2014-10-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
            },
            {
              "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
            },
            {
              "name": "MDVSA-2015:164",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
            },
            {
              "name": "61619",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61619"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-3078.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
            },
            {
              "name": "HPSBMU03220",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "60325",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60325"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
            },
            {
              "name": "60024",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60024"
            },
            {
              "name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
            },
            {
              "name": "34879",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/34879/"
            },
            {
              "name": "61622",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61622"
            },
            {
              "name": "https://access.redhat.com/articles/1200223",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/articles/1200223"
            },
            {
              "name": "62343",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62343"
            },
            {
              "name": "http://advisories.mageia.org/MGASA-2014-0393.html",
              "refsource": "CONFIRM",
              "url": "http://advisories.mageia.org/MGASA-2014-0393.html"
            },
            {
              "name": "61565",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61565"
            },
            {
              "name": "https://www.suse.com/support/shellshock/",
              "refsource": "CONFIRM",
              "url": "https://www.suse.com/support/shellshock/"
            },
            {
              "name": "HPSBST03157",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
            },
            {
              "name": "61313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61313"
            },
            {
              "name": "SSRT101742",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "61873",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61873"
            },
            {
              "name": "61485",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61485"
            },
            {
              "name": "openSUSE-SU-2014:1242",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
            },
            {
              "name": "61618",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61618"
            },
            {
              "name": "60947",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60947"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
            },
            {
              "name": "https://support.apple.com/kb/HT6535",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6535"
            },
            {
              "name": "HPSBST03154",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
            },
            {
              "name": "HPSBGN03142",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
            },
            {
              "name": "61312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61312"
            },
            {
              "name": "60193",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60193"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
            },
            {
              "name": "61479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61479"
            },
            {
              "name": "60063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60063"
            },
            {
              "name": "60034",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60034"
            },
            {
              "name": "HPSBMU03133",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
            },
            {
              "name": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html",
              "refsource": "MISC",
              "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
            },
            {
              "name": "59907",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59907"
            },
            {
              "name": "58200",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58200"
            },
            {
              "name": "HPSBST03181",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
            },
            {
              "name": "61643",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61643"
            },
            {
              "name": "http://twitter.com/taviso/statuses/514887394294652929",
              "refsource": "MISC",
              "url": "http://twitter.com/taviso/statuses/514887394294652929"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015721",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
            },
            {
              "name": "61503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61503"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
            },
            {
              "name": "RHSA-2014:1354",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
            },
            {
              "name": "HPSBGN03117",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
            },
            {
              "name": "HPSBHF03145",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
            },
            {
              "name": "http://www.qnap.com/i/en/support/con_show.php?cid=61",
              "refsource": "CONFIRM",
              "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
            },
            {
              "name": "HPSBST03148",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
            },
            {
              "name": "61552",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61552"
            },
            {
              "name": "61780",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61780"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
            },
            {
              "name": "https://support.citrix.com/article/CTX200223",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200223"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-3077.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
            },
            {
              "name": "62228",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62228"
            },
            {
              "name": "HPSBGN03138",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
            },
            {
              "name": "61855",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61855"
            },
            {
              "name": "HPSBHF03124",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
            },
            {
              "name": "60044",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60044"
            },
            {
              "name": "61291",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61291"
            },
            {
              "name": "HPSBHF03125",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
            },
            {
              "name": "59737",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59737"
            },
            {
              "name": "61287",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61287"
            },
            {
              "name": "HPSBHF03146",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
            },
            {
              "name": "HPSBGN03233",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "SSRT101739",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61711",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61711"
            },
            {
              "name": "HPSBOV03228",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
            },
            {
              "name": "HPSBGN03141",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
            },
            {
              "name": "RHSA-2014:1311",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
            },
            {
              "name": "61128",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61128"
            },
            {
              "name": "DSA-3035",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-3035"
            },
            {
              "name": "https://support.citrix.com/article/CTX200217",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200217"
            },
            {
              "name": "61471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61471"
            },
            {
              "name": "60055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60055"
            },
            {
              "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
            },
            {
              "name": "61550",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61550"
            },
            {
              "name": "61633",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61633"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-1306.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
            },
            {
              "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82",
              "refsource": "CONFIRM",
              "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
            },
            {
              "name": "SUSE-SU-2014:1259",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
            },
            {
              "name": "61328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61328"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
            },
            {
              "name": "61129",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61129"
            },
            {
              "name": "61700",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61700"
            },
            {
              "name": "61626",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61626"
            },
            {
              "name": "61603",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61603"
            },
            {
              "name": "61857",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61857"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
            },
            {
              "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006",
              "refsource": "MISC",
              "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-7169",
    "datePublished": "2014-09-25T01:00:00.000Z",
    "dateReserved": "2014-09-24T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:46:49.393Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-0057 (GCVE-0-2012-0057)

Vulnerability from cvelistv5

Published

2012-02-02 00:00

Modified

2024-08-06 18:09

Severity ?

CWE

n/a

Summary

PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.

References

URL

Tags

	http://openwall.com/lists/oss-security/2012/01/15/1	mailing-list, x_refsource_MLIST
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041	vendor-advisory, x_refsource_HP
	http://openwall.com/lists/oss-security/2012/01/13/6	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2012/01/13/5	mailing-list, x_refsource_MLIST
	http://www.debian.org/security/2012/dsa-2399	vendor-advisory, x_refsource_DEBIAN
	http://openwall.com/lists/oss-security/2012/01/18/3	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://php.net/ChangeLog-5.php#5.3.9	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html	vendor-advisory, x_refsource_SUSE
	http://openwall.com/lists/oss-security/2012/01/13/7	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/48668	third-party-advisory, x_refsource_SECUNIA
	http://openwall.com/lists/oss-security/2012/01/15/2	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2012/01/15/10	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2012/01/14/1	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2012/01/14/2	mailing-list, x_refsource_MLIST
	https://exchange.xforce.ibmcloud.com/vulnerabilities/72908	vdb-entry, x_refsource_XF
	http://openwall.com/lists/oss-security/2012/01/14/3	mailing-list, x_refsource_MLIST
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041	vendor-advisory, x_refsource_HP
	http://openwall.com/lists/oss-security/2012/01/13/4	mailing-list, x_refsource_MLIST
	https://bugs.php.net/bug.php?id=54446	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2012/01/13/10	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:09:17.304Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20120115 Re: CVE affected for PHP 5.3.9 ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/01/15/1"
          },
          {
            "name": "HPSBMU02786",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
          },
          {
            "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/01/13/6"
          },
          {
            "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/01/13/5"
          },
          {
            "name": "DSA-2399",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2399"
          },
          {
            "name": "[oss-security] 20120117 Re: CVE affected for PHP 5.3.9 ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/01/18/3"
          },
          {
            "name": "SUSE-SU-2012:0411",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://php.net/ChangeLog-5.php#5.3.9"
          },
          {
            "name": "openSUSE-SU-2012:0426",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
          },
          {
            "name": "SUSE-SU-2012:0472",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html"
          },
          {
            "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/01/13/7"
          },
          {
            "name": "48668",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48668"
          },
          {
            "name": "[oss-security] 20120114 Re: CVE affected for PHP 5.3.9 ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/01/15/2"
          },
          {
            "name": "[oss-security] 20120115 Re: CVE affected for PHP 5.3.9 ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/01/15/10"
          },
          {
            "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/01/14/1"
          },
          {
            "name": "[oss-security] 20120114 Re: CVE affected for PHP 5.3.9 ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/01/14/2"
          },
          {
            "name": "php-libxslt-security-bypass(72908)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72908"
          },
          {
            "name": "[oss-security] 20120114 Re: CVE affected for PHP 5.3.9 ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/01/14/3"
          },
          {
            "name": "SSRT100877",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
          },
          {
            "name": "[oss-security] 20120113 CVE affected for PHP 5.3.9 ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/01/13/4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=54446"
          },
          {
            "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/01/13/10"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-10-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-17T19:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[oss-security] 20120115 Re: CVE affected for PHP 5.3.9 ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/01/15/1"
        },
        {
          "name": "HPSBMU02786",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
        },
        {
          "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/01/13/6"
        },
        {
          "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/01/13/5"
        },
        {
          "name": "DSA-2399",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2399"
        },
        {
          "name": "[oss-security] 20120117 Re: CVE affected for PHP 5.3.9 ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/01/18/3"
        },
        {
          "name": "SUSE-SU-2012:0411",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://php.net/ChangeLog-5.php#5.3.9"
        },
        {
          "name": "openSUSE-SU-2012:0426",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
        },
        {
          "name": "SUSE-SU-2012:0472",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html"
        },
        {
          "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/01/13/7"
        },
        {
          "name": "48668",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48668"
        },
        {
          "name": "[oss-security] 20120114 Re: CVE affected for PHP 5.3.9 ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/01/15/2"
        },
        {
          "name": "[oss-security] 20120115 Re: CVE affected for PHP 5.3.9 ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/01/15/10"
        },
        {
          "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/01/14/1"
        },
        {
          "name": "[oss-security] 20120114 Re: CVE affected for PHP 5.3.9 ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/01/14/2"
        },
        {
          "name": "php-libxslt-security-bypass(72908)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72908"
        },
        {
          "name": "[oss-security] 20120114 Re: CVE affected for PHP 5.3.9 ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/01/14/3"
        },
        {
          "name": "SSRT100877",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
        },
        {
          "name": "[oss-security] 20120113 CVE affected for PHP 5.3.9 ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/01/13/4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.php.net/bug.php?id=54446"
        },
        {
          "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/01/13/10"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-0057",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20120115 Re: CVE affected for PHP 5.3.9 ?",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/01/15/1"
            },
            {
              "name": "HPSBMU02786",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/01/13/6"
            },
            {
              "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/01/13/5"
            },
            {
              "name": "DSA-2399",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2399"
            },
            {
              "name": "[oss-security] 20120117 Re: CVE affected for PHP 5.3.9 ?",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/01/18/3"
            },
            {
              "name": "SUSE-SU-2012:0411",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
            },
            {
              "name": "http://php.net/ChangeLog-5.php#5.3.9",
              "refsource": "CONFIRM",
              "url": "http://php.net/ChangeLog-5.php#5.3.9"
            },
            {
              "name": "openSUSE-SU-2012:0426",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
            },
            {
              "name": "SUSE-SU-2012:0472",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html"
            },
            {
              "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/01/13/7"
            },
            {
              "name": "48668",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48668"
            },
            {
              "name": "[oss-security] 20120114 Re: CVE affected for PHP 5.3.9 ?",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/01/15/2"
            },
            {
              "name": "[oss-security] 20120115 Re: CVE affected for PHP 5.3.9 ?",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/01/15/10"
            },
            {
              "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/01/14/1"
            },
            {
              "name": "[oss-security] 20120114 Re: CVE affected for PHP 5.3.9 ?",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/01/14/2"
            },
            {
              "name": "php-libxslt-security-bypass(72908)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72908"
            },
            {
              "name": "[oss-security] 20120114 Re: CVE affected for PHP 5.3.9 ?",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/01/14/3"
            },
            {
              "name": "SSRT100877",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "[oss-security] 20120113 CVE affected for PHP 5.3.9 ?",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/01/13/4"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=54446",
              "refsource": "CONFIRM",
              "url": "https://bugs.php.net/bug.php?id=54446"
            },
            {
              "name": "[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ?",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/01/13/10"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-0057",
    "datePublished": "2012-02-02T00:00:00",
    "dateReserved": "2011-12-07T00:00:00",
    "dateUpdated": "2024-08-06T18:09:17.304Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-1153 (GCVE-0-2011-1153)

Vulnerability from cvelistv5

Published

2011-03-16 22:00

Modified

2024-08-06 22:14

Severity ?

CWE

n/a

Summary

Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via format string specifiers in an argument to a class method, leading to an incorrect zend_throw_exception_ex call.

References

URL

Tags

	http://www.securityfocus.com/bid/46854	vdb-entry, x_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilities/66079	vdb-entry, x_refsource_XF
	https://bugzilla.redhat.com/show_bug.cgi?id=688378	x_refsource_CONFIRM
	http://secunia.com/advisories/43744	third-party-advisory, x_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html	vendor-advisory, x_refsource_FEDORA
	http://svn.php.net/viewvc?view=revision&revision=309221	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0764	vdb-entry, x_refsource_VUPEN
	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html	vendor-advisory, x_refsource_FEDORA
	http://openwall.com/lists/oss-security/2011/03/14/13	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/14/14	mailing-list, x_refsource_MLIST
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:053	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2011/dsa-2266	vendor-advisory, x_refsource_DEBIAN
	http://www.vupen.com/english/advisories/2011/0890	vdb-entry, x_refsource_VUPEN
	http://www.php.net/releases/5_3_6.php	x_refsource_CONFIRM
	http://bugs.php.net/bug.php?id=54247	x_refsource_CONFIRM
	http://www.php.net/ChangeLog-5.php	x_refsource_CONFIRM
	http://www.php.net/archive/2011.php	x_refsource_CONFIRM
	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html	vendor-advisory, x_refsource_FEDORA
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:052	vendor-advisory, x_refsource_MANDRIVA
	http://openwall.com/lists/oss-security/2011/03/14/24	mailing-list, x_refsource_MLIST
	http://www.vupen.com/english/advisories/2011/0744	vdb-entry, x_refsource_VUPEN
	http://support.apple.com/kb/HT5002	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:14:27.893Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "46854",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46854"
          },
          {
            "name": "php-pharobject-format-string(66079)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66079"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688378"
          },
          {
            "name": "43744",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43744"
          },
          {
            "name": "FEDORA-2011-3636",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.php.net/viewvc?view=revision\u0026revision=309221"
          },
          {
            "name": "ADV-2011-0764",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0764"
          },
          {
            "name": "FEDORA-2011-3614",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html"
          },
          {
            "name": "[oss-security] 20110314 CVE request: format-string vulnerability in PHP Phar extension",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/14/13"
          },
          {
            "name": "[oss-security] 20110314 Re: CVE request: format-string vulnerability in PHP Phar extension",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/14/14"
          },
          {
            "name": "MDVSA-2011:053",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053"
          },
          {
            "name": "DSA-2266",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2266"
          },
          {
            "name": "ADV-2011-0890",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0890"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/releases/5_3_6.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.php.net/bug.php?id=54247"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-5.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/archive/2011.php"
          },
          {
            "name": "APPLE-SA-2011-10-12-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
          },
          {
            "name": "FEDORA-2011-3666",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html"
          },
          {
            "name": "MDVSA-2011:052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052"
          },
          {
            "name": "[oss-security] 20110314 Re: CVE request: format-string vulnerability in PHP Phar extension",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/14/24"
          },
          {
            "name": "ADV-2011-0744",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0744"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5002"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via format string specifiers in an argument to a class method, leading to an incorrect zend_throw_exception_ex call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "46854",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46854"
        },
        {
          "name": "php-pharobject-format-string(66079)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66079"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688378"
        },
        {
          "name": "43744",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43744"
        },
        {
          "name": "FEDORA-2011-3636",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.php.net/viewvc?view=revision\u0026revision=309221"
        },
        {
          "name": "ADV-2011-0764",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0764"
        },
        {
          "name": "FEDORA-2011-3614",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html"
        },
        {
          "name": "[oss-security] 20110314 CVE request: format-string vulnerability in PHP Phar extension",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/14/13"
        },
        {
          "name": "[oss-security] 20110314 Re: CVE request: format-string vulnerability in PHP Phar extension",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/14/14"
        },
        {
          "name": "MDVSA-2011:053",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053"
        },
        {
          "name": "DSA-2266",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2266"
        },
        {
          "name": "ADV-2011-0890",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0890"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/releases/5_3_6.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.php.net/bug.php?id=54247"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-5.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/archive/2011.php"
        },
        {
          "name": "APPLE-SA-2011-10-12-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
        },
        {
          "name": "FEDORA-2011-3666",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html"
        },
        {
          "name": "MDVSA-2011:052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052"
        },
        {
          "name": "[oss-security] 20110314 Re: CVE request: format-string vulnerability in PHP Phar extension",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/14/24"
        },
        {
          "name": "ADV-2011-0744",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0744"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5002"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-1153",
    "datePublished": "2011-03-16T22:00:00",
    "dateReserved": "2011-03-03T00:00:00",
    "dateUpdated": "2024-08-06T22:14:27.893Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-1568 (GCVE-0-2014-1568)

Vulnerability from cvelistv5

Published

2014-09-25 17:00

Modified

2024-08-06 09:42

Severity ?

CWE

n/a

Summary

Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue.

References

URL

Tags

	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/772676	third-party-advisory, x_refsource_CERT-VN
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-1307.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/70116	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2360-1	vendor-advisory, x_refsource_UBUNTU
	https://exchange.xforce.ibmcloud.com/vulnerabilities/96194	vdb-entry, x_refsource_XF
	http://www.novell.com/support/kb/doc.php?id=7015701	x_refsource_CONFIRM
	http://secunia.com/advisories/61575	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.mozilla.org/show_bug.cgi?id=1069405	x_refsource_CONFIRM
	https://bugzilla.mozilla.org/show_bug.cgi?id=1064636	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00032.html	vendor-advisory, x_refsource_SUSE
	http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_24.html	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	x_refsource_CONFIRM
	http://googlechromereleases.blogspot.com/2014/09/stable-channel-update-for-chrome-os_24.html	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201504-01	vendor-advisory, x_refsource_GENTOO
	http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61574	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2361-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2014/dsa-3033	vendor-advisory, x_refsource_DEBIAN
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761	x_refsource_CONFIRM
	http://www.debian.org/security/2014/dsa-3034	vendor-advisory, x_refsource_DEBIAN
	http://rhn.redhat.com/errata/RHSA-2014-1371.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2014-1354.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2014/dsa-3037	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00036.html	vendor-advisory, x_refsource_SUSE
	http://www.mozilla.org/security/announce/2014/mfsa2014-73.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2360-2	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/61540	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61576	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00039.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61583	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:42:36.192Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
          },
          {
            "name": "VU#772676",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/772676"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
          },
          {
            "name": "RHSA-2014:1307",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1307.html"
          },
          {
            "name": "70116",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70116"
          },
          {
            "name": "USN-2360-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2360-1"
          },
          {
            "name": "mozilla-nss-cve20141568-sec-bypass(96194)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96194"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
          },
          {
            "name": "61575",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61575"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1069405"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1064636"
          },
          {
            "name": "SUSE-SU-2014:1220",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00032.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_24.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2014/09/stable-channel-update-for-chrome-os_24.html"
          },
          {
            "name": "GLSA-201504-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201504-01"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
          },
          {
            "name": "61574",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61574"
          },
          {
            "name": "USN-2361-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2361-1"
          },
          {
            "name": "DSA-3033",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3033"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
          },
          {
            "name": "DSA-3034",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3034"
          },
          {
            "name": "RHSA-2014:1371",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1371.html"
          },
          {
            "name": "RHSA-2014:1354",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
          },
          {
            "name": "DSA-3037",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3037"
          },
          {
            "name": "openSUSE-SU-2014:1224",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00036.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-73.html"
          },
          {
            "name": "USN-2360-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2360-2"
          },
          {
            "name": "61540",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61540"
          },
          {
            "name": "61576",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61576"
          },
          {
            "name": "openSUSE-SU-2014:1232",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00039.html"
          },
          {
            "name": "61583",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61583"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a \"signature malleability\" issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
        },
        {
          "name": "VU#772676",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/772676"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
        },
        {
          "name": "RHSA-2014:1307",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1307.html"
        },
        {
          "name": "70116",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70116"
        },
        {
          "name": "USN-2360-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2360-1"
        },
        {
          "name": "mozilla-nss-cve20141568-sec-bypass(96194)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96194"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
        },
        {
          "name": "61575",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61575"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1069405"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1064636"
        },
        {
          "name": "SUSE-SU-2014:1220",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00032.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_24.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2014/09/stable-channel-update-for-chrome-os_24.html"
        },
        {
          "name": "GLSA-201504-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201504-01"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
        },
        {
          "name": "61574",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61574"
        },
        {
          "name": "USN-2361-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2361-1"
        },
        {
          "name": "DSA-3033",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3033"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
        },
        {
          "name": "DSA-3034",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3034"
        },
        {
          "name": "RHSA-2014:1371",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1371.html"
        },
        {
          "name": "RHSA-2014:1354",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
        },
        {
          "name": "DSA-3037",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3037"
        },
        {
          "name": "openSUSE-SU-2014:1224",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00036.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-73.html"
        },
        {
          "name": "USN-2360-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2360-2"
        },
        {
          "name": "61540",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61540"
        },
        {
          "name": "61576",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61576"
        },
        {
          "name": "openSUSE-SU-2014:1232",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00039.html"
        },
        {
          "name": "61583",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61583"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@mozilla.org",
          "ID": "CVE-2014-1568",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a \"signature malleability\" issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
            },
            {
              "name": "VU#772676",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/772676"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
            },
            {
              "name": "RHSA-2014:1307",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1307.html"
            },
            {
              "name": "70116",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70116"
            },
            {
              "name": "USN-2360-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2360-1"
            },
            {
              "name": "mozilla-nss-cve20141568-sec-bypass(96194)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96194"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015701",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
            },
            {
              "name": "61575",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61575"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1069405",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1069405"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1064636",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1064636"
            },
            {
              "name": "SUSE-SU-2014:1220",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00032.html"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_24.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_24.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2014/09/stable-channel-update-for-chrome-os_24.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2014/09/stable-channel-update-for-chrome-os_24.html"
            },
            {
              "name": "GLSA-201504-01",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201504-01"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
            },
            {
              "name": "61574",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61574"
            },
            {
              "name": "USN-2361-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2361-1"
            },
            {
              "name": "DSA-3033",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-3033"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
            },
            {
              "name": "DSA-3034",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-3034"
            },
            {
              "name": "RHSA-2014:1371",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1371.html"
            },
            {
              "name": "RHSA-2014:1354",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
            },
            {
              "name": "DSA-3037",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-3037"
            },
            {
              "name": "openSUSE-SU-2014:1224",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00036.html"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-73.html",
              "refsource": "CONFIRM",
              "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-73.html"
            },
            {
              "name": "USN-2360-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2360-2"
            },
            {
              "name": "61540",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61540"
            },
            {
              "name": "61576",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61576"
            },
            {
              "name": "openSUSE-SU-2014:1232",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00039.html"
            },
            {
              "name": "61583",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61583"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2014-1568",
    "datePublished": "2014-09-25T17:00:00",
    "dateReserved": "2014-01-16T00:00:00",
    "dateUpdated": "2024-08-06T09:42:36.192Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-2110 (GCVE-0-2012-2110)

Vulnerability from cvelistv5

Published

2012-04-19 17:00

Modified

2024-08-06 19:26

Severity ?

CWE

n/a

Summary

The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.

References

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564	x_refsource_CONFIRM
	https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862	vendor-advisory, x_refsource_HP
	http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/48899	third-party-advisory, x_refsource_SECUNIA
	http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html	mailing-list, x_refsource_FULLDISC
	http://rhn.redhat.com/errata/RHSA-2012-1308.html	vendor-advisory, x_refsource_REDHAT
	http://cvs.openssl.org/chngview?cn=22434	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2012:060	vendor-advisory, x_refsource_MANDRIVA
	http://rhn.redhat.com/errata/RHSA-2012-1307.html	vendor-advisory, x_refsource_REDHAT
	http://www.exploit-db.com/exploits/18756	exploit, x_refsource_EXPLOIT-DB
	http://rhn.redhat.com/errata/RHSA-2012-0518.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2012/dsa-2454	vendor-advisory, x_refsource_DEBIAN
	http://support.apple.com/kb/HT5784	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.ubuntu.com/usn/USN-1424-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/48895	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/48847	third-party-advisory, x_refsource_SECUNIA
	http://cvs.openssl.org/chngview?cn=22439	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2012-1306.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2012-0522.html	vendor-advisory, x_refsource_REDHAT
	http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079149.html	vendor-advisory, x_refsource_FEDORA
	http://marc.info/?l=bugtraq&m=134039053214295&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/57353	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/53158	vdb-entry, x_refsource_BID
	http://marc.info/?l=bugtraq&m=133728068926468&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=134039053214295&w=2	vendor-advisory, x_refsource_HP
	http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080176.html	vendor-advisory, x_refsource_FEDORA
	http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=133951357207000&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/48942	third-party-advisory, x_refsource_SECUNIA
	http://www.openssl.org/news/secadv_20120419.txt	x_refsource_CONFIRM
	http://cvs.openssl.org/chngview?cn=22431	x_refsource_CONFIRM
	http://www.securitytracker.com/id?1026957	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/48999	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=133951357207000&w=2	vendor-advisory, x_refsource_HP
	http://osvdb.org/81223	vdb-entry, x_refsource_OSVDB
	https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862	vendor-advisory, x_refsource_HP
	http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079299.html	vendor-advisory, x_refsource_FEDORA
	https://kb.juniper.net/KB27376	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=133728068926468&w=2	vendor-advisory, x_refsource_HP

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:26:07.655Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2012:0623",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html"
          },
          {
            "name": "SUSE-SU-2012:1149",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
          },
          {
            "name": "SSRT101210",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
          },
          {
            "name": "FEDORA-2012-18035",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html"
          },
          {
            "name": "48899",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48899"
          },
          {
            "name": "20120419 incorrect integer conversions in OpenSSL can result in memory corruption.",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html"
          },
          {
            "name": "RHSA-2012:1308",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1308.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cvs.openssl.org/chngview?cn=22434"
          },
          {
            "name": "MDVSA-2012:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:060"
          },
          {
            "name": "RHSA-2012:1307",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1307.html"
          },
          {
            "name": "18756",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/18756"
          },
          {
            "name": "RHSA-2012:0518",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0518.html"
          },
          {
            "name": "DSA-2454",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2454"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5784"
          },
          {
            "name": "APPLE-SA-2013-06-04-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
          },
          {
            "name": "USN-1424-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1424-1"
          },
          {
            "name": "48895",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48895"
          },
          {
            "name": "48847",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48847"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cvs.openssl.org/chngview?cn=22439"
          },
          {
            "name": "RHSA-2012:1306",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1306.html"
          },
          {
            "name": "SUSE-SU-2012:0637",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html"
          },
          {
            "name": "RHSA-2012:0522",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0522.html"
          },
          {
            "name": "FEDORA-2012-6343",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079149.html"
          },
          {
            "name": "HPSBOV02793",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
          },
          {
            "name": "57353",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/57353"
          },
          {
            "name": "53158",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/53158"
          },
          {
            "name": "HPSBUX02782",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
          },
          {
            "name": "SSRT100891",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
          },
          {
            "name": "FEDORA-2012-6395",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080176.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578"
          },
          {
            "name": "SSRT100852",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
          },
          {
            "name": "48942",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48942"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openssl.org/news/secadv_20120419.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cvs.openssl.org/chngview?cn=22431"
          },
          {
            "name": "1026957",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026957"
          },
          {
            "name": "48999",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48999"
          },
          {
            "name": "HPSBMU02776",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
          },
          {
            "name": "81223",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/81223"
          },
          {
            "name": "HPSBMU02900",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
          },
          {
            "name": "FEDORA-2012-6403",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079299.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/KB27376"
          },
          {
            "name": "SSRT100844",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SU-2012:0623",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html"
        },
        {
          "name": "SUSE-SU-2012:1149",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
        },
        {
          "name": "SSRT101210",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
        },
        {
          "name": "FEDORA-2012-18035",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html"
        },
        {
          "name": "48899",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48899"
        },
        {
          "name": "20120419 incorrect integer conversions in OpenSSL can result in memory corruption.",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html"
        },
        {
          "name": "RHSA-2012:1308",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1308.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cvs.openssl.org/chngview?cn=22434"
        },
        {
          "name": "MDVSA-2012:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:060"
        },
        {
          "name": "RHSA-2012:1307",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1307.html"
        },
        {
          "name": "18756",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/18756"
        },
        {
          "name": "RHSA-2012:0518",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0518.html"
        },
        {
          "name": "DSA-2454",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2454"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5784"
        },
        {
          "name": "APPLE-SA-2013-06-04-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
        },
        {
          "name": "USN-1424-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1424-1"
        },
        {
          "name": "48895",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48895"
        },
        {
          "name": "48847",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48847"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cvs.openssl.org/chngview?cn=22439"
        },
        {
          "name": "RHSA-2012:1306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1306.html"
        },
        {
          "name": "SUSE-SU-2012:0637",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html"
        },
        {
          "name": "RHSA-2012:0522",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0522.html"
        },
        {
          "name": "FEDORA-2012-6343",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079149.html"
        },
        {
          "name": "HPSBOV02793",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
        },
        {
          "name": "57353",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/57353"
        },
        {
          "name": "53158",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/53158"
        },
        {
          "name": "HPSBUX02782",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
        },
        {
          "name": "SSRT100891",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
        },
        {
          "name": "FEDORA-2012-6395",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080176.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578"
        },
        {
          "name": "SSRT100852",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
        },
        {
          "name": "48942",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48942"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openssl.org/news/secadv_20120419.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cvs.openssl.org/chngview?cn=22431"
        },
        {
          "name": "1026957",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026957"
        },
        {
          "name": "48999",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48999"
        },
        {
          "name": "HPSBMU02776",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
        },
        {
          "name": "81223",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/81223"
        },
        {
          "name": "HPSBMU02900",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
        },
        {
          "name": "FEDORA-2012-6403",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079299.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/KB27376"
        },
        {
          "name": "SSRT100844",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-2110",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2012:0623",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html"
            },
            {
              "name": "SUSE-SU-2012:1149",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
            },
            {
              "name": "SSRT101210",
              "refsource": "HP",
              "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
            },
            {
              "name": "FEDORA-2012-18035",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html"
            },
            {
              "name": "48899",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48899"
            },
            {
              "name": "20120419 incorrect integer conversions in OpenSSL can result in memory corruption.",
              "refsource": "FULLDISC",
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html"
            },
            {
              "name": "RHSA-2012:1308",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1308.html"
            },
            {
              "name": "http://cvs.openssl.org/chngview?cn=22434",
              "refsource": "CONFIRM",
              "url": "http://cvs.openssl.org/chngview?cn=22434"
            },
            {
              "name": "MDVSA-2012:060",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:060"
            },
            {
              "name": "RHSA-2012:1307",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1307.html"
            },
            {
              "name": "18756",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/18756"
            },
            {
              "name": "RHSA-2012:0518",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0518.html"
            },
            {
              "name": "DSA-2454",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2454"
            },
            {
              "name": "http://support.apple.com/kb/HT5784",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5784"
            },
            {
              "name": "APPLE-SA-2013-06-04-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
            },
            {
              "name": "USN-1424-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1424-1"
            },
            {
              "name": "48895",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48895"
            },
            {
              "name": "48847",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48847"
            },
            {
              "name": "http://cvs.openssl.org/chngview?cn=22439",
              "refsource": "CONFIRM",
              "url": "http://cvs.openssl.org/chngview?cn=22439"
            },
            {
              "name": "RHSA-2012:1306",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1306.html"
            },
            {
              "name": "SUSE-SU-2012:0637",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html"
            },
            {
              "name": "RHSA-2012:0522",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0522.html"
            },
            {
              "name": "FEDORA-2012-6343",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079149.html"
            },
            {
              "name": "HPSBOV02793",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
            },
            {
              "name": "57353",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/57353"
            },
            {
              "name": "53158",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/53158"
            },
            {
              "name": "HPSBUX02782",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
            },
            {
              "name": "SSRT100891",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
            },
            {
              "name": "FEDORA-2012-6395",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080176.html"
            },
            {
              "name": "http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578",
              "refsource": "CONFIRM",
              "url": "http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578"
            },
            {
              "name": "SSRT100852",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
            },
            {
              "name": "48942",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48942"
            },
            {
              "name": "http://www.openssl.org/news/secadv_20120419.txt",
              "refsource": "CONFIRM",
              "url": "http://www.openssl.org/news/secadv_20120419.txt"
            },
            {
              "name": "http://cvs.openssl.org/chngview?cn=22431",
              "refsource": "CONFIRM",
              "url": "http://cvs.openssl.org/chngview?cn=22431"
            },
            {
              "name": "1026957",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026957"
            },
            {
              "name": "48999",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48999"
            },
            {
              "name": "HPSBMU02776",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
            },
            {
              "name": "81223",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/81223"
            },
            {
              "name": "HPSBMU02900",
              "refsource": "HP",
              "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
            },
            {
              "name": "FEDORA-2012-6403",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079299.html"
            },
            {
              "name": "https://kb.juniper.net/KB27376",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/KB27376"
            },
            {
              "name": "SSRT100844",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-2110",
    "datePublished": "2012-04-19T17:00:00",
    "dateReserved": "2012-04-04T00:00:00",
    "dateUpdated": "2024-08-06T19:26:07.655Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-0831 (GCVE-0-2012-0831)

Vulnerability from cvelistv5

Published

2012-02-10 20:00

Modified

2024-08-06 18:38

Severity ?

CWE

n/a

Summary

PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c.

References

URL

Tags

	http://www.ubuntu.com/usn/USN-1358-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/55078	third-party-advisory, x_refsource_SECUNIA
	http://svn.php.net/viewvc?view=revision&revision=323016	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/48668	third-party-advisory, x_refsource_SECUNIA
	http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html	vendor-advisory, x_refsource_APPLE
	http://rhn.redhat.com/errata/RHSA-2013-1307.html	vendor-advisory, x_refsource_REDHAT
	http://support.apple.com/kb/HT5501	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html	vendor-advisory, x_refsource_FEDORA
	https://launchpadlibrarian.net/92454212/php5_5.3.2-1ubuntu4.13.diff.gz	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/73125	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/51954	vdb-entry, x_refsource_BID
	http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html	vendor-advisory, x_refsource_FEDORA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:38:14.798Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-1358-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1358-1"
          },
          {
            "name": "SUSE-SU-2012:0411",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
          },
          {
            "name": "55078",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55078"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.php.net/viewvc?view=revision\u0026revision=323016"
          },
          {
            "name": "openSUSE-SU-2012:0426",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
          },
          {
            "name": "SUSE-SU-2012:0472",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html"
          },
          {
            "name": "48668",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48668"
          },
          {
            "name": "APPLE-SA-2012-09-19-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
          },
          {
            "name": "RHSA-2013:1307",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1307.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5501"
          },
          {
            "name": "FEDORA-2012-6907",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://launchpadlibrarian.net/92454212/php5_5.3.2-1ubuntu4.13.diff.gz"
          },
          {
            "name": "php-magicquotesgpc-sec-bypass(73125)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73125"
          },
          {
            "name": "51954",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/51954"
          },
          {
            "name": "FEDORA-2012-6911",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-02-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-17T19:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-1358-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1358-1"
        },
        {
          "name": "SUSE-SU-2012:0411",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
        },
        {
          "name": "55078",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55078"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.php.net/viewvc?view=revision\u0026revision=323016"
        },
        {
          "name": "openSUSE-SU-2012:0426",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
        },
        {
          "name": "SUSE-SU-2012:0472",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html"
        },
        {
          "name": "48668",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48668"
        },
        {
          "name": "APPLE-SA-2012-09-19-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
        },
        {
          "name": "RHSA-2013:1307",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1307.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5501"
        },
        {
          "name": "FEDORA-2012-6907",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://launchpadlibrarian.net/92454212/php5_5.3.2-1ubuntu4.13.diff.gz"
        },
        {
          "name": "php-magicquotesgpc-sec-bypass(73125)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73125"
        },
        {
          "name": "51954",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/51954"
        },
        {
          "name": "FEDORA-2012-6911",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-0831",
    "datePublished": "2012-02-10T20:00:00",
    "dateReserved": "2012-01-19T00:00:00",
    "dateUpdated": "2024-08-06T18:38:14.798Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-0460 (GCVE-0-2014-0460)

Vulnerability from cvelistv5

Published

2014-04-16 01:00

Modified

2024-08-06 09:13

Severity ?

CWE

n/a

Summary

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.

References

URL

Tags

	http://secunia.com/advisories/59642	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59022	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2187-1	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2014-0675.html	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2014:0414	vendor-advisory, x_refsource_REDHAT
	http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/59705	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2191-1	vendor-advisory, x_refsource_UBUNTU
	http://www-01.ibm.com/support/docview.wss?uid=swg21676672	x_refsource_CONFIRM
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140852886808946&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21672080	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21676315	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2014:0413	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/59058	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140852886808946&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=140852974709252&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61264	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59706	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2014-0685.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21677294	x_refsource_CONFIRM
	http://secunia.com/advisories/59436	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59071	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2014/dsa-2912	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/66916	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/60117	third-party-advisory, x_refsource_SECUNIA
	http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21681256	x_refsource_CONFIRM
	http://secunia.com/advisories/58415	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140852974709252&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59516	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21674539	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686717	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21683484	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21673836	x_refsource_CONFIRM
	http://www.ibm.com/support/docview.wss?uid=swg21677387	x_refsource_CONFIRM
	http://secunia.com/advisories/59023	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676746	x_refsource_CONFIRM
	http://secunia.com/advisories/59307	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21679713	x_refsource_CONFIRM
	http://www.ibm.com/support/docview.wss?uid=swg21675343	x_refsource_CONFIRM
	http://secunia.com/advisories/59082	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59250	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-201502-12.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/59255	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59704	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21681018	x_refsource_CONFIRM
	http://secunia.com/advisories/60111	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60003	third-party-advisory, x_refsource_SECUNIA
	http://www.ibm.com/support/docview.wss?uid=swg21675588	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:13:10.731Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "59642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59642"
          },
          {
            "name": "59022",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59022"
          },
          {
            "name": "USN-2187-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2187-1"
          },
          {
            "name": "RHSA-2014:0675",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
          },
          {
            "name": "RHSA-2014:0414",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2014:0414"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "59705",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59705"
          },
          {
            "name": "USN-2191-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2191-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
          },
          {
            "name": "HPSBUX03091",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676315"
          },
          {
            "name": "RHSA-2014:0413",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2014:0413"
          },
          {
            "name": "59058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59058"
          },
          {
            "name": "SSRT101667",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
          },
          {
            "name": "HPSBUX03092",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
          },
          {
            "name": "61264",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61264"
          },
          {
            "name": "59706",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59706"
          },
          {
            "name": "RHSA-2014:0685",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
          },
          {
            "name": "59436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59436"
          },
          {
            "name": "59071",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59071"
          },
          {
            "name": "DSA-2912",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2912"
          },
          {
            "name": "66916",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/66916"
          },
          {
            "name": "60117",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60117"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
          },
          {
            "name": "58415",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58415"
          },
          {
            "name": "SSRT101668",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
          },
          {
            "name": "59516",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59516"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686717"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
          },
          {
            "name": "59023",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59023"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
          },
          {
            "name": "59307",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59307"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
          },
          {
            "name": "59082",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59082"
          },
          {
            "name": "59250",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59250"
          },
          {
            "name": "GLSA-201502-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
          },
          {
            "name": "59255",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59255"
          },
          {
            "name": "59704",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59704"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
          },
          {
            "name": "60111",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60111"
          },
          {
            "name": "60003",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60003"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-04-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "59642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59642"
        },
        {
          "name": "59022",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59022"
        },
        {
          "name": "USN-2187-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2187-1"
        },
        {
          "name": "RHSA-2014:0675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
        },
        {
          "name": "RHSA-2014:0414",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2014:0414"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "59705",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59705"
        },
        {
          "name": "USN-2191-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2191-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
        },
        {
          "name": "HPSBUX03091",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676315"
        },
        {
          "name": "RHSA-2014:0413",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2014:0413"
        },
        {
          "name": "59058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59058"
        },
        {
          "name": "SSRT101667",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
        },
        {
          "name": "HPSBUX03092",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
        },
        {
          "name": "61264",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61264"
        },
        {
          "name": "59706",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59706"
        },
        {
          "name": "RHSA-2014:0685",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
        },
        {
          "name": "59436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59436"
        },
        {
          "name": "59071",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59071"
        },
        {
          "name": "DSA-2912",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2912"
        },
        {
          "name": "66916",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/66916"
        },
        {
          "name": "60117",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60117"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
        },
        {
          "name": "58415",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58415"
        },
        {
          "name": "SSRT101668",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
        },
        {
          "name": "59516",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59516"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686717"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
        },
        {
          "name": "59023",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59023"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
        },
        {
          "name": "59307",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59307"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
        },
        {
          "name": "59082",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59082"
        },
        {
          "name": "59250",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59250"
        },
        {
          "name": "GLSA-201502-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
        },
        {
          "name": "59255",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59255"
        },
        {
          "name": "59704",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59704"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
        },
        {
          "name": "60111",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60111"
        },
        {
          "name": "60003",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60003"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2014-0460",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "59642",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59642"
            },
            {
              "name": "59022",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59022"
            },
            {
              "name": "USN-2187-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2187-1"
            },
            {
              "name": "RHSA-2014:0675",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
            },
            {
              "name": "RHSA-2014:0414",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2014:0414"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "59705",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59705"
            },
            {
              "name": "USN-2191-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2191-1"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
            },
            {
              "name": "HPSBUX03091",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676315",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676315"
            },
            {
              "name": "RHSA-2014:0413",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2014:0413"
            },
            {
              "name": "59058",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59058"
            },
            {
              "name": "SSRT101667",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
            },
            {
              "name": "HPSBUX03092",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
            },
            {
              "name": "61264",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61264"
            },
            {
              "name": "59706",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59706"
            },
            {
              "name": "RHSA-2014:0685",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
            },
            {
              "name": "59436",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59436"
            },
            {
              "name": "59071",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59071"
            },
            {
              "name": "DSA-2912",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-2912"
            },
            {
              "name": "66916",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/66916"
            },
            {
              "name": "60117",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60117"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
            },
            {
              "name": "58415",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58415"
            },
            {
              "name": "SSRT101668",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
            },
            {
              "name": "59516",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59516"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686717",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686717"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21677387",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
            },
            {
              "name": "59023",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59023"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
            },
            {
              "name": "59307",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59307"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21675343",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
            },
            {
              "name": "59082",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59082"
            },
            {
              "name": "59250",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59250"
            },
            {
              "name": "GLSA-201502-12",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
            },
            {
              "name": "59255",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59255"
            },
            {
              "name": "59704",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59704"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
            },
            {
              "name": "60111",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60111"
            },
            {
              "name": "60003",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60003"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21675588",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2014-0460",
    "datePublished": "2014-04-16T01:00:00",
    "dateReserved": "2013-12-12T00:00:00",
    "dateUpdated": "2024-08-06T09:13:10.731Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-7187 (GCVE-0-2014-7187)

Vulnerability from cvelistv5

Published

2014-09-28 19:00

Modified

2024-08-06 12:40

Severity ?

CWE

n/a

Summary

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.

References

URL

Tags

	http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html	x_refsource_MISC
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21685749	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141577137423233&w=2	vendor-advisory, x_refsource_HP
	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383138121313&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://www.securityfocus.com/archive/1/533593/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=swg21686084	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686479	x_refsource_CONFIRM
	http://secunia.com/advisories/61188	third-party-advisory, x_refsource_SECUNIA
	http://jvn.jp/en/jp/JVN55667175/index.html	third-party-advisory, x_refsource_JVN
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/60433	third-party-advisory, x_refsource_SECUNIA
	http://openwall.com/lists/oss-security/2014/09/25/32	mailing-list, x_refsource_MLIST
	http://marc.info/?l=bugtraq&m=141383026420882&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141585637922673&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141576728022234&w=2	vendor-advisory, x_refsource_HP
	http://support.novell.com/security/cve/CVE-2014-7187.html	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61636	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61816	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61442	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142358078406056&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61283	third-party-advisory, x_refsource_SECUNIA
	http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html	vendor-advisory, x_refsource_APPLE
	https://kc.mcafee.com/corporate/index?page=content&id=SB10085	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61654	third-party-advisory, x_refsource_SECUNIA
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315	x_refsource_CONFIRM
	http://secunia.com/advisories/62312	third-party-advisory, x_refsource_SECUNIA
	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-1312.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21685604	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61703	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2364-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/61065	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383196021590&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141383081521087&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21686445	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686131	x_refsource_CONFIRM
	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126	third-party-advisory, x_refsource_JVNDB
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61641	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html	vendor-advisory, x_refsource_SUSE
	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21685914	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2014/Oct/0	mailing-list, x_refsource_FULLDISC
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:164	vendor-advisory, x_refsource_MANDRIVA
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075	x_refsource_CONFIRM
	https://support.apple.com/HT205267	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60024	third-party-advisory, x_refsource_SECUNIA
	http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html	x_refsource_MISC
	http://secunia.com/advisories/61622	third-party-advisory, x_refsource_SECUNIA
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash	vendor-advisory, x_refsource_CISCO
	http://openwall.com/lists/oss-security/2014/09/28/10	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/62343	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61565	third-party-advisory, x_refsource_SECUNIA
	https://www.suse.com/support/shellshock/	x_refsource_CONFIRM
	http://support.apple.com/HT204244	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141450491804793&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61313	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142289270617409&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61873	third-party-advisory, x_refsource_SECUNIA
	http://openwall.com/lists/oss-security/2014/09/26/2	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/61485	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61618	third-party-advisory, x_refsource_SECUNIA
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141577297623641&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383244821813&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61312	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60193	third-party-advisory, x_refsource_SECUNIA
	http://www.vmware.com/security/advisories/VMSA-2014-0010.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61479	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60063	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60034	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59907	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58200	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141577241923505&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61643	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/support/kb/doc.php?id=7015721	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21687079	x_refsource_CONFIRM
	http://secunia.com/advisories/61503	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21686246	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-1354.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=142289270617409&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915	x_refsource_CONFIRM
	http://www.qnap.com/i/en/support/con_show.php?cid=61	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141694386919794&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61552	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279	x_refsource_CONFIRM
	https://support.citrix.com/article/CTX200223	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686447	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141330468527613&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61855	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60044	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61291	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141345648114150&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61287	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://marc.info/?l=bugtraq&m=141383304022067&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-1311.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/61128	third-party-advisory, x_refsource_SECUNIA
	https://support.citrix.com/article/CTX200217	x_refsource_CONFIRM
	http://secunia.com/advisories/60055	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61550	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61633	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21686494	x_refsource_CONFIRM
	https://kb.bluecoat.com/index?page=content&id=SA82	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61328	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21685733	x_refsource_CONFIRM
	http://secunia.com/advisories/61129	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61603	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61857	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:40:19.211Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
          },
          {
            "name": "HPSBMU03165",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
          },
          {
            "name": "HPSBST03131",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
          },
          {
            "name": "SSRT101819",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
          },
          {
            "name": "HPSBMU03245",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "openSUSE-SU-2014:1229",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
          },
          {
            "name": "61188",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61188"
          },
          {
            "name": "JVN#55667175",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
          },
          {
            "name": "openSUSE-SU-2014:1254",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
          },
          {
            "name": "60433",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60433"
          },
          {
            "name": "[oss-security] 20140925 Fwd: Non-upstream patches for bash",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2014/09/25/32"
          },
          {
            "name": "HPSBMU03143",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
          },
          {
            "name": "HPSBMU03182",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
          },
          {
            "name": "HPSBST03155",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/security/cve/CVE-2014-7187.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
          },
          {
            "name": "61636",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61636"
          },
          {
            "name": "61816",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61816"
          },
          {
            "name": "openSUSE-SU-2014:1310",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
          },
          {
            "name": "61442",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61442"
          },
          {
            "name": "HPSBMU03246",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
          },
          {
            "name": "61283",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61283"
          },
          {
            "name": "APPLE-SA-2015-09-30-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
          },
          {
            "name": "openSUSE-SU-2014:1308",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
          },
          {
            "name": "61654",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61654"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
          },
          {
            "name": "62312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62312"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
          },
          {
            "name": "HPSBMU03217",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "RHSA-2014:1312",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
          },
          {
            "name": "SSRT101868",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61703",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61703"
          },
          {
            "name": "USN-2364-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2364-1"
          },
          {
            "name": "61065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61065"
          },
          {
            "name": "HPSBST03129",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
          },
          {
            "name": "HPSBMU03144",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
          },
          {
            "name": "JVNDB-2014-000126",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
          },
          {
            "name": "SSRT101827",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "61641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61641"
          },
          {
            "name": "SUSE-SU-2014:1247",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
          },
          {
            "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
          },
          {
            "name": "MDVSA-2015:164",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT205267"
          },
          {
            "name": "HPSBMU03220",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "60024",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60024"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
          },
          {
            "name": "61622",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61622"
          },
          {
            "name": "20140926 GNU Bash Environment Variable Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
          },
          {
            "name": "[oss-security] 20140928 Re: CVE-2014-6271: remote code execution through bash",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2014/09/28/10"
          },
          {
            "name": "62343",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62343"
          },
          {
            "name": "61565",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61565"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.suse.com/support/shellshock/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/HT204244"
          },
          {
            "name": "HPSBST03157",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
          },
          {
            "name": "61313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61313"
          },
          {
            "name": "SSRT101830",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
          },
          {
            "name": "SSRT101742",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "61873",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61873"
          },
          {
            "name": "[oss-security] 20140926 Re: Fwd: Non-upstream patches for bash",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2014/09/26/2"
          },
          {
            "name": "61485",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61485"
          },
          {
            "name": "openSUSE-SU-2014:1242",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
          },
          {
            "name": "61618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61618"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
          },
          {
            "name": "HPSBST03154",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
          },
          {
            "name": "HPSBGN03142",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
          },
          {
            "name": "61312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61312"
          },
          {
            "name": "60193",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
          },
          {
            "name": "61479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61479"
          },
          {
            "name": "60063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60063"
          },
          {
            "name": "60034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60034"
          },
          {
            "name": "59907",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59907"
          },
          {
            "name": "58200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58200"
          },
          {
            "name": "HPSBST03181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
          },
          {
            "name": "61643",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61643"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
          },
          {
            "name": "61503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61503"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
          },
          {
            "name": "RHSA-2014:1354",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
          },
          {
            "name": "HPSBMU03236",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
          },
          {
            "name": "HPSBST03148",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
          },
          {
            "name": "61552",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61552"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200223"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
          },
          {
            "name": "HPSBGN03138",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
          },
          {
            "name": "61855",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61855"
          },
          {
            "name": "60044",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60044"
          },
          {
            "name": "61291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61291"
          },
          {
            "name": "HPSBHF03125",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
          },
          {
            "name": "61287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61287"
          },
          {
            "name": "HPSBGN03233",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "SSRT101739",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
          },
          {
            "name": "APPLE-SA-2015-01-27-4",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
          },
          {
            "name": "HPSBGN03141",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
          },
          {
            "name": "RHSA-2014:1311",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
          },
          {
            "name": "61128",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61128"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200217"
          },
          {
            "name": "60055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60055"
          },
          {
            "name": "61550",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61550"
          },
          {
            "name": "61633",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61633"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
          },
          {
            "name": "SUSE-SU-2014:1259",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
          },
          {
            "name": "61328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
          },
          {
            "name": "61129",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61129"
          },
          {
            "name": "61603",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61603"
          },
          {
            "name": "61857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the \"word_lineno\" issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
        },
        {
          "name": "HPSBMU03165",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
        },
        {
          "name": "HPSBST03131",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
        },
        {
          "name": "SSRT101819",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
        },
        {
          "name": "HPSBMU03245",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "openSUSE-SU-2014:1229",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
        },
        {
          "name": "61188",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61188"
        },
        {
          "name": "JVN#55667175",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
        },
        {
          "name": "openSUSE-SU-2014:1254",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
        },
        {
          "name": "60433",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60433"
        },
        {
          "name": "[oss-security] 20140925 Fwd: Non-upstream patches for bash",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2014/09/25/32"
        },
        {
          "name": "HPSBMU03143",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
        },
        {
          "name": "HPSBMU03182",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
        },
        {
          "name": "HPSBST03155",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/security/cve/CVE-2014-7187.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
        },
        {
          "name": "61636",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61636"
        },
        {
          "name": "61816",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61816"
        },
        {
          "name": "openSUSE-SU-2014:1310",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
        },
        {
          "name": "61442",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61442"
        },
        {
          "name": "HPSBMU03246",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
        },
        {
          "name": "61283",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61283"
        },
        {
          "name": "APPLE-SA-2015-09-30-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
        },
        {
          "name": "openSUSE-SU-2014:1308",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
        },
        {
          "name": "61654",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61654"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
        },
        {
          "name": "62312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62312"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
        },
        {
          "name": "HPSBMU03217",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "RHSA-2014:1312",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
        },
        {
          "name": "SSRT101868",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61703",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61703"
        },
        {
          "name": "USN-2364-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2364-1"
        },
        {
          "name": "61065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61065"
        },
        {
          "name": "HPSBST03129",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
        },
        {
          "name": "HPSBMU03144",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
        },
        {
          "name": "JVNDB-2014-000126",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
        },
        {
          "name": "SSRT101827",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "61641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61641"
        },
        {
          "name": "SUSE-SU-2014:1247",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
        },
        {
          "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
        },
        {
          "name": "MDVSA-2015:164",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT205267"
        },
        {
          "name": "HPSBMU03220",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "60024",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60024"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
        },
        {
          "name": "61622",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61622"
        },
        {
          "name": "20140926 GNU Bash Environment Variable Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
        },
        {
          "name": "[oss-security] 20140928 Re: CVE-2014-6271: remote code execution through bash",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2014/09/28/10"
        },
        {
          "name": "62343",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62343"
        },
        {
          "name": "61565",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61565"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.suse.com/support/shellshock/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/HT204244"
        },
        {
          "name": "HPSBST03157",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
        },
        {
          "name": "61313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61313"
        },
        {
          "name": "SSRT101830",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
        },
        {
          "name": "SSRT101742",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "61873",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61873"
        },
        {
          "name": "[oss-security] 20140926 Re: Fwd: Non-upstream patches for bash",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2014/09/26/2"
        },
        {
          "name": "61485",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61485"
        },
        {
          "name": "openSUSE-SU-2014:1242",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
        },
        {
          "name": "61618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61618"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
        },
        {
          "name": "HPSBST03154",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
        },
        {
          "name": "HPSBGN03142",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
        },
        {
          "name": "61312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61312"
        },
        {
          "name": "60193",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
        },
        {
          "name": "61479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61479"
        },
        {
          "name": "60063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60063"
        },
        {
          "name": "60034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60034"
        },
        {
          "name": "59907",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59907"
        },
        {
          "name": "58200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58200"
        },
        {
          "name": "HPSBST03181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
        },
        {
          "name": "61643",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61643"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
        },
        {
          "name": "61503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61503"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
        },
        {
          "name": "RHSA-2014:1354",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
        },
        {
          "name": "HPSBMU03236",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
        },
        {
          "name": "HPSBST03148",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
        },
        {
          "name": "61552",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61552"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200223"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
        },
        {
          "name": "HPSBGN03138",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
        },
        {
          "name": "61855",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61855"
        },
        {
          "name": "60044",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60044"
        },
        {
          "name": "61291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61291"
        },
        {
          "name": "HPSBHF03125",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
        },
        {
          "name": "61287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61287"
        },
        {
          "name": "HPSBGN03233",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "SSRT101739",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
        },
        {
          "name": "APPLE-SA-2015-01-27-4",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
        },
        {
          "name": "HPSBGN03141",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
        },
        {
          "name": "RHSA-2014:1311",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
        },
        {
          "name": "61128",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61128"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200217"
        },
        {
          "name": "60055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60055"
        },
        {
          "name": "61550",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61550"
        },
        {
          "name": "61633",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61633"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
        },
        {
          "name": "SUSE-SU-2014:1259",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
        },
        {
          "name": "61328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
        },
        {
          "name": "61129",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61129"
        },
        {
          "name": "61603",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61603"
        },
        {
          "name": "61857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-7187",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the \"word_lineno\" issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
            },
            {
              "name": "HPSBMU03165",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
            },
            {
              "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts",
              "refsource": "CONFIRM",
              "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
            },
            {
              "name": "HPSBST03131",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
            },
            {
              "name": "SSRT101819",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
            },
            {
              "name": "HPSBMU03245",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2014:1229",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
            },
            {
              "name": "61188",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61188"
            },
            {
              "name": "JVN#55667175",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
            },
            {
              "name": "openSUSE-SU-2014:1254",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
            },
            {
              "name": "60433",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60433"
            },
            {
              "name": "[oss-security] 20140925 Fwd: Non-upstream patches for bash",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2014/09/25/32"
            },
            {
              "name": "HPSBMU03143",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
            },
            {
              "name": "HPSBMU03182",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
            },
            {
              "name": "HPSBST03155",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
            },
            {
              "name": "http://support.novell.com/security/cve/CVE-2014-7187.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/security/cve/CVE-2014-7187.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
            },
            {
              "name": "61636",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61636"
            },
            {
              "name": "61816",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61816"
            },
            {
              "name": "openSUSE-SU-2014:1310",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
            },
            {
              "name": "61442",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61442"
            },
            {
              "name": "HPSBMU03246",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
            },
            {
              "name": "61283",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61283"
            },
            {
              "name": "APPLE-SA-2015-09-30-3",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
            },
            {
              "name": "openSUSE-SU-2014:1308",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
            },
            {
              "name": "61654",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61654"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
            },
            {
              "name": "62312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62312"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
            },
            {
              "name": "HPSBMU03217",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "RHSA-2014:1312",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
            },
            {
              "name": "SSRT101868",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61703",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61703"
            },
            {
              "name": "USN-2364-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2364-1"
            },
            {
              "name": "61065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61065"
            },
            {
              "name": "HPSBST03129",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
            },
            {
              "name": "HPSBMU03144",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
            },
            {
              "name": "JVNDB-2014-000126",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
            },
            {
              "name": "SSRT101827",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "61641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61641"
            },
            {
              "name": "SUSE-SU-2014:1247",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
            },
            {
              "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
            },
            {
              "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
            },
            {
              "name": "MDVSA-2015:164",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
            },
            {
              "name": "https://support.apple.com/HT205267",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT205267"
            },
            {
              "name": "HPSBMU03220",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "60024",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60024"
            },
            {
              "name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
            },
            {
              "name": "61622",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61622"
            },
            {
              "name": "20140926 GNU Bash Environment Variable Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
            },
            {
              "name": "[oss-security] 20140928 Re: CVE-2014-6271: remote code execution through bash",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2014/09/28/10"
            },
            {
              "name": "62343",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62343"
            },
            {
              "name": "61565",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61565"
            },
            {
              "name": "https://www.suse.com/support/shellshock/",
              "refsource": "CONFIRM",
              "url": "https://www.suse.com/support/shellshock/"
            },
            {
              "name": "http://support.apple.com/HT204244",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/HT204244"
            },
            {
              "name": "HPSBST03157",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
            },
            {
              "name": "61313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61313"
            },
            {
              "name": "SSRT101830",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
            },
            {
              "name": "SSRT101742",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "61873",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61873"
            },
            {
              "name": "[oss-security] 20140926 Re: Fwd: Non-upstream patches for bash",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2014/09/26/2"
            },
            {
              "name": "61485",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61485"
            },
            {
              "name": "openSUSE-SU-2014:1242",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
            },
            {
              "name": "61618",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61618"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
            },
            {
              "name": "HPSBST03154",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
            },
            {
              "name": "HPSBGN03142",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
            },
            {
              "name": "61312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61312"
            },
            {
              "name": "60193",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60193"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
            },
            {
              "name": "61479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61479"
            },
            {
              "name": "60063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60063"
            },
            {
              "name": "60034",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60034"
            },
            {
              "name": "59907",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59907"
            },
            {
              "name": "58200",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58200"
            },
            {
              "name": "HPSBST03181",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
            },
            {
              "name": "61643",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61643"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015721",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
            },
            {
              "name": "61503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61503"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
            },
            {
              "name": "RHSA-2014:1354",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
            },
            {
              "name": "HPSBMU03236",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
            },
            {
              "name": "http://www.qnap.com/i/en/support/con_show.php?cid=61",
              "refsource": "CONFIRM",
              "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
            },
            {
              "name": "HPSBST03148",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
            },
            {
              "name": "61552",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61552"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
            },
            {
              "name": "https://support.citrix.com/article/CTX200223",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200223"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
            },
            {
              "name": "HPSBGN03138",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
            },
            {
              "name": "61855",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61855"
            },
            {
              "name": "60044",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60044"
            },
            {
              "name": "61291",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61291"
            },
            {
              "name": "HPSBHF03125",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
            },
            {
              "name": "61287",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61287"
            },
            {
              "name": "HPSBGN03233",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "SSRT101739",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
            },
            {
              "name": "APPLE-SA-2015-01-27-4",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
            },
            {
              "name": "HPSBGN03141",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
            },
            {
              "name": "RHSA-2014:1311",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
            },
            {
              "name": "61128",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61128"
            },
            {
              "name": "https://support.citrix.com/article/CTX200217",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200217"
            },
            {
              "name": "60055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60055"
            },
            {
              "name": "61550",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61550"
            },
            {
              "name": "61633",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61633"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
            },
            {
              "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82",
              "refsource": "CONFIRM",
              "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
            },
            {
              "name": "SUSE-SU-2014:1259",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
            },
            {
              "name": "61328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61328"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
            },
            {
              "name": "61129",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61129"
            },
            {
              "name": "61603",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61603"
            },
            {
              "name": "61857",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61857"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-7187",
    "datePublished": "2014-09-28T19:00:00",
    "dateReserved": "2014-09-25T00:00:00",
    "dateUpdated": "2024-08-06T12:40:19.211Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3853 (GCVE-0-2010-3853)

Vulnerability from cvelistv5

Published

2011-01-24 17:00

Modified

2024-08-07 03:26

Severity ?

CWE

n/a

Summary

pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pam_namespace PAM check, as demonstrated by the sudo program.

References

URL

Tags

	http://security.gentoo.org/glsa/glsa-201206-31.xml	vendor-advisory, x_refsource_GENTOO
	http://lists.vmware.com/pipermail/security-announce/2011/000126.html	mailing-list, x_refsource_MLIST
	http://www.vupen.com/english/advisories/2011/0606	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/archive/1/516909/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:220	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/49711	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2010-0891.html	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=643043	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2010-0819.html	vendor-advisory, x_refsource_REDHAT
	http://www.vmware.com/security/advisories/VMSA-2011-0004.html	x_refsource_CONFIRM
	http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_namespace/pam_namespace.c?view=log#rev1.13	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:26:12.299Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201206-31",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201206-31.xml"
          },
          {
            "name": "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2011/000126.html"
          },
          {
            "name": "ADV-2011-0606",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0606"
          },
          {
            "name": "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/516909/100/0/threaded"
          },
          {
            "name": "MDVSA-2010:220",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220"
          },
          {
            "name": "49711",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49711"
          },
          {
            "name": "RHSA-2010:0891",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0891.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=643043"
          },
          {
            "name": "RHSA-2010:0819",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0819.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_namespace/pam_namespace.c?view=log#rev1.13"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-10-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pam_namespace PAM check, as demonstrated by the sudo program."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "GLSA-201206-31",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201206-31.xml"
        },
        {
          "name": "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2011/000126.html"
        },
        {
          "name": "ADV-2011-0606",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0606"
        },
        {
          "name": "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/516909/100/0/threaded"
        },
        {
          "name": "MDVSA-2010:220",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220"
        },
        {
          "name": "49711",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49711"
        },
        {
          "name": "RHSA-2010:0891",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0891.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=643043"
        },
        {
          "name": "RHSA-2010:0819",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0819.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2011-0004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_namespace/pam_namespace.c?view=log#rev1.13"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-3853",
    "datePublished": "2011-01-24T17:00:00",
    "dateReserved": "2010-10-08T00:00:00",
    "dateUpdated": "2024-08-07T03:26:12.299Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-3563 (GCVE-0-2009-3563)

Vulnerability from cvelistv5

Published

2009-12-09 00:00

Modified

2024-08-07 06:31

Severity ?

CWE

n/a

Summary

ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.

References

URL

Tags

	http://www.kb.cert.org/vuls/id/568372	third-party-advisory
	http://secunia.com/advisories/38832	third-party-advisory
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225	vdb-entry, signature
	http://support.avaya.com/css/P8/documents/100071808
	http://secunia.com/advisories/38794	third-party-advisory
	http://lists.vmware.com/pipermail/security-announce/2010/000082.html	mailing-list
	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html	vendor-advisory
	https://bugzilla.redhat.com/show_bug.cgi?id=531213
	http://secunia.com/advisories/38764	third-party-advisory
	http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode
	http://www.kb.cert.org/vuls/id/MAPG-7X7V6J
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376	vdb-entry, signature
	http://www.securityfocus.com/bid/37255	vdb-entry
	http://marc.info/?l=bugtraq&m=136482797910018&w=2	vendor-advisory
	http://secunia.com/advisories/39593	third-party-advisory
	http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047	vendor-advisory
	http://www.vupen.com/english/advisories/2010/0993	vdb-entry
	http://www.debian.org/security/2009/dsa-1948	vendor-advisory
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074
	http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc
	http://marc.info/?l=bugtraq&m=130168580504508&w=2	vendor-advisory
	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1	vendor-advisory
	http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659	vendor-advisory
	http://marc.info/?l=bugtraq&m=130168580504508&w=2	vendor-advisory
	https://support.ntp.org/bugs/show_bug.cgi?id=1331
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076	vdb-entry, signature
	http://secunia.com/advisories/37922	third-party-advisory
	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc	vendor-advisory
	http://secunia.com/advisories/38834	third-party-advisory
	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html	vendor-advisory
	http://security-tracker.debian.org/tracker/CVE-2009-3563
	http://securitytracker.com/id?1023298	vdb-entry
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141	vdb-entry, signature
	https://rhn.redhat.com/errata/RHSA-2009-1651.html	vendor-advisory
	http://secunia.com/advisories/37629	third-party-advisory
	https://rhn.redhat.com/errata/RHSA-2010-0095.html	vendor-advisory
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691
	http://marc.info/?l=bugtraq&m=136482797910018&w=2	vendor-advisory
	https://lists.ntp.org/pipermail/announce/2009-December/000086.html	mailing-list
	http://www.vupen.com/english/advisories/2010/0510	vdb-entry
	https://rhn.redhat.com/errata/RHSA-2009-1648.html	vendor-advisory
	http://www.kb.cert.org/vuls/id/MAPG-7X7VD7
	http://www.vupen.com/english/advisories/2010/0528	vdb-entry
	https://www.kb.cert.org/vuls/id/417980	third-party-advisory

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:31:10.550Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#568372",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/568372"
          },
          {
            "name": "38832",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38832"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
          },
          {
            "name": "oval:org.mitre.oval:def:11225",
            "tags": [
              "vdb-entry",
              "signature",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://support.avaya.com/css/P8/documents/100071808"
          },
          {
            "name": "38794",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38794"
          },
          {
            "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
          },
          {
            "name": "FEDORA-2009-13121",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
          },
          {
            "name": "38764",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38764"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/MAPG-7X7V6J"
          },
          {
            "name": "oval:org.mitre.oval:def:19376",
            "tags": [
              "vdb-entry",
              "signature",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376"
          },
          {
            "name": "37255",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37255"
          },
          {
            "name": "SSRT101144",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
          },
          {
            "name": "39593",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39593"
          },
          {
            "name": "IZ71047",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047"
          },
          {
            "name": "ADV-2010-0993",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0993"
          },
          {
            "name": "DSA-1948",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1948"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc"
          },
          {
            "name": "HPSBUX02639",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
          },
          {
            "name": "1021781",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1"
          },
          {
            "name": "IZ68659",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659"
          },
          {
            "name": "SSRT100293",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.ntp.org/bugs/show_bug.cgi?id=1331"
          },
          {
            "name": "oval:org.mitre.oval:def:7076",
            "tags": [
              "vdb-entry",
              "signature",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076"
          },
          {
            "name": "37922",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37922"
          },
          {
            "name": "NetBSD-SA2010-005",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc"
          },
          {
            "name": "38834",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38834"
          },
          {
            "name": "FEDORA-2009-13090",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://security-tracker.debian.org/tracker/CVE-2009-3563"
          },
          {
            "name": "1023298",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023298"
          },
          {
            "name": "oval:org.mitre.oval:def:12141",
            "tags": [
              "vdb-entry",
              "signature",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141"
          },
          {
            "name": "RHSA-2009:1651",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
          },
          {
            "name": "37629",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37629"
          },
          {
            "name": "RHSA-2010:0095",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
          },
          {
            "name": "HPSBUX02859",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
          },
          {
            "name": "[announce] 20091208 NTP 4.2.4p8 Released",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.ntp.org/pipermail/announce/2009-December/000086.html"
          },
          {
            "name": "ADV-2010-0510",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0510"
          },
          {
            "name": "RHSA-2009:1648",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1648.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/MAPG-7X7VD7"
          },
          {
            "name": "ADV-2010-0528",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0528"
          },
          {
            "name": "VU#417980",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/417980"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-12-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-19T21:06:04.060505",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "VU#568372",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://www.kb.cert.org/vuls/id/568372"
        },
        {
          "name": "38832",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/38832"
        },
        {
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
        },
        {
          "name": "oval:org.mitre.oval:def:11225",
          "tags": [
            "vdb-entry",
            "signature"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225"
        },
        {
          "url": "http://support.avaya.com/css/P8/documents/100071808"
        },
        {
          "name": "38794",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/38794"
        },
        {
          "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
          "tags": [
            "mailing-list"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
        },
        {
          "name": "FEDORA-2009-13121",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
        },
        {
          "name": "38764",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/38764"
        },
        {
          "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode"
        },
        {
          "url": "http://www.kb.cert.org/vuls/id/MAPG-7X7V6J"
        },
        {
          "name": "oval:org.mitre.oval:def:19376",
          "tags": [
            "vdb-entry",
            "signature"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376"
        },
        {
          "name": "37255",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securityfocus.com/bid/37255"
        },
        {
          "name": "SSRT101144",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
        },
        {
          "name": "39593",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/39593"
        },
        {
          "name": "IZ71047",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047"
        },
        {
          "name": "ADV-2010-0993",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0993"
        },
        {
          "name": "DSA-1948",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1948"
        },
        {
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074"
        },
        {
          "url": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc"
        },
        {
          "name": "HPSBUX02639",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
        },
        {
          "name": "1021781",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1"
        },
        {
          "name": "IZ68659",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659"
        },
        {
          "name": "SSRT100293",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
        },
        {
          "url": "https://support.ntp.org/bugs/show_bug.cgi?id=1331"
        },
        {
          "name": "oval:org.mitre.oval:def:7076",
          "tags": [
            "vdb-entry",
            "signature"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076"
        },
        {
          "name": "37922",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/37922"
        },
        {
          "name": "NetBSD-SA2010-005",
          "tags": [
            "vendor-advisory"
          ],
          "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc"
        },
        {
          "name": "38834",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/38834"
        },
        {
          "name": "FEDORA-2009-13090",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html"
        },
        {
          "url": "http://security-tracker.debian.org/tracker/CVE-2009-3563"
        },
        {
          "name": "1023298",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://securitytracker.com/id?1023298"
        },
        {
          "name": "oval:org.mitre.oval:def:12141",
          "tags": [
            "vdb-entry",
            "signature"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141"
        },
        {
          "name": "RHSA-2009:1651",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
        },
        {
          "name": "37629",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/37629"
        },
        {
          "name": "RHSA-2010:0095",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
        },
        {
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
        },
        {
          "name": "HPSBUX02859",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
        },
        {
          "name": "[announce] 20091208 NTP 4.2.4p8 Released",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.ntp.org/pipermail/announce/2009-December/000086.html"
        },
        {
          "name": "ADV-2010-0510",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0510"
        },
        {
          "name": "RHSA-2009:1648",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1648.html"
        },
        {
          "url": "http://www.kb.cert.org/vuls/id/MAPG-7X7VD7"
        },
        {
          "name": "ADV-2010-0528",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0528"
        },
        {
          "name": "VU#417980",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.kb.cert.org/vuls/id/417980"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-3563",
    "datePublished": "2009-12-09T00:00:00",
    "dateReserved": "2009-10-05T00:00:00",
    "dateUpdated": "2024-08-07T06:31:10.550Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3316 (GCVE-0-2010-3316)

Vulnerability from cvelistv5

Published

2011-01-24 17:00

Modified

2024-08-07 03:03

Severity ?

CWE

n/a

Summary

The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pam_xauth PAM check.

References

URL

Tags

	http://openwall.com/lists/oss-security/2010/09/27/5	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2010/09/21/3	mailing-list, x_refsource_MLIST
	http://security.gentoo.org/glsa/glsa-201206-31.xml	vendor-advisory, x_refsource_GENTOO
	http://lists.vmware.com/pipermail/security-announce/2011/000126.html	mailing-list, x_refsource_MLIST
	http://www.vupen.com/english/advisories/2011/0606	vdb-entry, x_refsource_VUPEN
	https://bugzilla.redhat.com/show_bug.cgi?id=637898	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/516909/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	https://sourceforge.net/tracker/?func=detail&aid=3028213&group_id=6663&atid=106663	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2010/09/24/2	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2010/08/16/2	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2010/09/21/8	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2010/09/27/10	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2010/09/27/4	mailing-list, x_refsource_MLIST
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:220	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/49711	third-party-advisory, x_refsource_SECUNIA
	http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2010/09/27/7	mailing-list, x_refsource_MLIST
	http://www.redhat.com/support/errata/RHSA-2010-0891.html	vendor-advisory, x_refsource_REDHAT
	http://openwall.com/lists/oss-security/2010/10/25/2	mailing-list, x_refsource_MLIST
	http://www.redhat.com/support/errata/RHSA-2010-0819.html	vendor-advisory, x_refsource_REDHAT
	http://www.vmware.com/security/advisories/VMSA-2011-0004.html	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:03:18.998Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20100927 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/09/27/5"
          },
          {
            "name": "[oss-security] 20100921 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/09/21/3"
          },
          {
            "name": "GLSA-201206-31",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201206-31.xml"
          },
          {
            "name": "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2011/000126.html"
          },
          {
            "name": "ADV-2011-0606",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0606"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=637898"
          },
          {
            "name": "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/516909/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://sourceforge.net/tracker/?func=detail\u0026aid=3028213\u0026group_id=6663\u0026atid=106663"
          },
          {
            "name": "[oss-security] 20100924 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/09/24/2"
          },
          {
            "name": "[oss-security] 20100816 Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/08/16/2"
          },
          {
            "name": "[oss-security] 20100921 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/09/21/8"
          },
          {
            "name": "[oss-security] 20100928 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/09/27/10"
          },
          {
            "name": "[oss-security] 20100927 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/09/27/4"
          },
          {
            "name": "MDVSA-2010:220",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220"
          },
          {
            "name": "49711",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49711"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6"
          },
          {
            "name": "[oss-security] 20100928 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/09/27/7"
          },
          {
            "name": "RHSA-2010:0891",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0891.html"
          },
          {
            "name": "[oss-security] 20101025 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/10/25/2"
          },
          {
            "name": "RHSA-2010:0819",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0819.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0004.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pam_xauth PAM check."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[oss-security] 20100927 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/09/27/5"
        },
        {
          "name": "[oss-security] 20100921 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/09/21/3"
        },
        {
          "name": "GLSA-201206-31",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201206-31.xml"
        },
        {
          "name": "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2011/000126.html"
        },
        {
          "name": "ADV-2011-0606",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0606"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=637898"
        },
        {
          "name": "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/516909/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://sourceforge.net/tracker/?func=detail\u0026aid=3028213\u0026group_id=6663\u0026atid=106663"
        },
        {
          "name": "[oss-security] 20100924 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/09/24/2"
        },
        {
          "name": "[oss-security] 20100816 Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/08/16/2"
        },
        {
          "name": "[oss-security] 20100921 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/09/21/8"
        },
        {
          "name": "[oss-security] 20100928 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/09/27/10"
        },
        {
          "name": "[oss-security] 20100927 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/09/27/4"
        },
        {
          "name": "MDVSA-2010:220",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220"
        },
        {
          "name": "49711",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49711"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6"
        },
        {
          "name": "[oss-security] 20100928 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/09/27/7"
        },
        {
          "name": "RHSA-2010:0891",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0891.html"
        },
        {
          "name": "[oss-security] 20101025 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/10/25/2"
        },
        {
          "name": "RHSA-2010:0819",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0819.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2011-0004.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-3316",
    "datePublished": "2011-01-24T17:00:00",
    "dateReserved": "2010-09-13T00:00:00",
    "dateUpdated": "2024-08-07T03:03:18.998Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-4566 (GCVE-0-2011-4566)

Vulnerability from cvelistv5

Published

2011-11-29 00:00

Modified

2024-08-07 00:09

Severity ?

CWE

n/a

Summary

Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708.

References

URL

Tags

	http://secunia.com/advisories/47253	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/50907	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2012/dsa-2399	vendor-advisory, x_refsource_DEBIAN
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:197	vendor-advisory, x_refsource_MANDRIVA
	http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html	vendor-advisory, x_refsource_SUSE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/71612	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/48668	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2012-0019.html	vendor-advisory, x_refsource_REDHAT
	https://bugs.php.net/bug.php?id=60150	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2012-0071.html	vendor-advisory, x_refsource_REDHAT
	https://www.ubuntu.com/usn/USN-1307-1/	vendor-advisory, x_refsource_UBUNTU
	http://support.apple.com/kb/HT5281	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2012/May/msg00001.html	vendor-advisory, x_refsource_APPLE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:09:18.945Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "47253",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/47253"
          },
          {
            "name": "50907",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/50907"
          },
          {
            "name": "DSA-2399",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2399"
          },
          {
            "name": "MDVSA-2011:197",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:197"
          },
          {
            "name": "openSUSE-SU-2012:0426",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
          },
          {
            "name": "php-exifprocessifdtag-dos(71612)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71612"
          },
          {
            "name": "48668",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48668"
          },
          {
            "name": "RHSA-2012:0019",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2012-0019.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=60150"
          },
          {
            "name": "RHSA-2012:0071",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0071.html"
          },
          {
            "name": "USN-1307-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://www.ubuntu.com/usn/USN-1307-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5281"
          },
          {
            "name": "APPLE-SA-2012-05-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-11-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "47253",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/47253"
        },
        {
          "name": "50907",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/50907"
        },
        {
          "name": "DSA-2399",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2399"
        },
        {
          "name": "MDVSA-2011:197",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:197"
        },
        {
          "name": "openSUSE-SU-2012:0426",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
        },
        {
          "name": "php-exifprocessifdtag-dos(71612)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71612"
        },
        {
          "name": "48668",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48668"
        },
        {
          "name": "RHSA-2012:0019",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2012-0019.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.php.net/bug.php?id=60150"
        },
        {
          "name": "RHSA-2012:0071",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0071.html"
        },
        {
          "name": "USN-1307-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://www.ubuntu.com/usn/USN-1307-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5281"
        },
        {
          "name": "APPLE-SA-2012-05-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-4566",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "47253",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/47253"
            },
            {
              "name": "50907",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/50907"
            },
            {
              "name": "DSA-2399",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2399"
            },
            {
              "name": "MDVSA-2011:197",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:197"
            },
            {
              "name": "openSUSE-SU-2012:0426",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
            },
            {
              "name": "php-exifprocessifdtag-dos(71612)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71612"
            },
            {
              "name": "48668",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48668"
            },
            {
              "name": "RHSA-2012:0019",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2012-0019.html"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=60150",
              "refsource": "CONFIRM",
              "url": "https://bugs.php.net/bug.php?id=60150"
            },
            {
              "name": "RHSA-2012:0071",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0071.html"
            },
            {
              "name": "USN-1307-1",
              "refsource": "UBUNTU",
              "url": "https://www.ubuntu.com/usn/USN-1307-1/"
            },
            {
              "name": "http://support.apple.com/kb/HT5281",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5281"
            },
            {
              "name": "APPLE-SA-2012-05-09-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-4566",
    "datePublished": "2011-11-29T00:00:00",
    "dateReserved": "2011-11-28T00:00:00",
    "dateUpdated": "2024-08-07T00:09:18.945Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1265 (GCVE-0-2009-1265)

Vulnerability from cvelistv5

Published

2009-04-08 01:00

Modified

2024-08-07 05:04

Severity ?

CWE

n/a

Summary

Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent.

References

URL

Tags

	http://secunia.com/advisories/35390	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2009:135	vendor-advisory, x_refsource_MANDRIVA
	http://osvdb.org/53630	vdb-entry, x_refsource_OSVDB
	http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/35656	third-party-advisory, x_refsource_SECUNIA
	http://bugzilla.kernel.org/show_bug.cgi?id=10423	x_refsource_MISC
	http://www.debian.org/security/2009/dsa-1794	vendor-advisory, x_refsource_DEBIAN
	http://osvdb.org/53571	vdb-entry, x_refsource_OSVDB
	http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/35185	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/35011	third-party-advisory, x_refsource_SECUNIA
	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/34654	vdb-entry, x_refsource_BID
	http://www.openwall.com/lists/oss-security/2009/04/08/2	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/usn-793-1	vendor-advisory, x_refsource_UBUNTU
	http://osvdb.org/53631	vdb-entry, x_refsource_OSVDB
	http://secunia.com/advisories/34981	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2009/dsa-1800	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/35387	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2009/dsa-1787	vendor-advisory, x_refsource_DEBIAN
	http://www.mandriva.com/security/advisories?name=MDVSA-2009:119	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/35121	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/35394	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:49.368Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "35390",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35390"
          },
          {
            "name": "MDVSA-2009:135",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"
          },
          {
            "name": "53630",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53630"
          },
          {
            "name": "SUSE-SA:2009:028",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"
          },
          {
            "name": "SUSE-SA:2009:032",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html"
          },
          {
            "name": "35656",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35656"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugzilla.kernel.org/show_bug.cgi?id=10423"
          },
          {
            "name": "DSA-1794",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1794"
          },
          {
            "name": "53571",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53571"
          },
          {
            "name": "SUSE-SA:2009:030",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"
          },
          {
            "name": "35185",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35185"
          },
          {
            "name": "35011",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35011"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9"
          },
          {
            "name": "34654",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34654"
          },
          {
            "name": "[oss-security] 20090408 CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/04/08/2"
          },
          {
            "name": "SUSE-SA:2009:031",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"
          },
          {
            "name": "USN-793-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-793-1"
          },
          {
            "name": "53631",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53631"
          },
          {
            "name": "34981",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34981"
          },
          {
            "name": "DSA-1800",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1800"
          },
          {
            "name": "35387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35387"
          },
          {
            "name": "DSA-1787",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1787"
          },
          {
            "name": "MDVSA-2009:119",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:119"
          },
          {
            "name": "35121",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35121"
          },
          {
            "name": "35394",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35394"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-03-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes \"garbage\" memory to be sent."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-04-16T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "35390",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35390"
        },
        {
          "name": "MDVSA-2009:135",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"
        },
        {
          "name": "53630",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53630"
        },
        {
          "name": "SUSE-SA:2009:028",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"
        },
        {
          "name": "SUSE-SA:2009:032",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html"
        },
        {
          "name": "35656",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35656"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugzilla.kernel.org/show_bug.cgi?id=10423"
        },
        {
          "name": "DSA-1794",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1794"
        },
        {
          "name": "53571",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53571"
        },
        {
          "name": "SUSE-SA:2009:030",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"
        },
        {
          "name": "35185",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35185"
        },
        {
          "name": "35011",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35011"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9"
        },
        {
          "name": "34654",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34654"
        },
        {
          "name": "[oss-security] 20090408 CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/04/08/2"
        },
        {
          "name": "SUSE-SA:2009:031",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"
        },
        {
          "name": "USN-793-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-793-1"
        },
        {
          "name": "53631",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53631"
        },
        {
          "name": "34981",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34981"
        },
        {
          "name": "DSA-1800",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1800"
        },
        {
          "name": "35387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35387"
        },
        {
          "name": "DSA-1787",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1787"
        },
        {
          "name": "MDVSA-2009:119",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:119"
        },
        {
          "name": "35121",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35121"
        },
        {
          "name": "35394",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35394"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1265",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes \"garbage\" memory to be sent."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "35390",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35390"
            },
            {
              "name": "MDVSA-2009:135",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"
            },
            {
              "name": "53630",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53630"
            },
            {
              "name": "SUSE-SA:2009:028",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"
            },
            {
              "name": "SUSE-SA:2009:032",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html"
            },
            {
              "name": "35656",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35656"
            },
            {
              "name": "http://bugzilla.kernel.org/show_bug.cgi?id=10423",
              "refsource": "MISC",
              "url": "http://bugzilla.kernel.org/show_bug.cgi?id=10423"
            },
            {
              "name": "DSA-1794",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1794"
            },
            {
              "name": "53571",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53571"
            },
            {
              "name": "SUSE-SA:2009:030",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"
            },
            {
              "name": "35185",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35185"
            },
            {
              "name": "35011",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35011"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9"
            },
            {
              "name": "34654",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34654"
            },
            {
              "name": "[oss-security] 20090408 CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/04/08/2"
            },
            {
              "name": "SUSE-SA:2009:031",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"
            },
            {
              "name": "USN-793-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-793-1"
            },
            {
              "name": "53631",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53631"
            },
            {
              "name": "34981",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34981"
            },
            {
              "name": "DSA-1800",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1800"
            },
            {
              "name": "35387",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35387"
            },
            {
              "name": "DSA-1787",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1787"
            },
            {
              "name": "MDVSA-2009:119",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:119"
            },
            {
              "name": "35121",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35121"
            },
            {
              "name": "35394",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35394"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-1265",
    "datePublished": "2009-04-08T01:00:00",
    "dateReserved": "2009-04-07T00:00:00",
    "dateUpdated": "2024-08-07T05:04:49.368Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-6278 (GCVE-0-2014-6278)

Vulnerability from cvelistv5

Published

2014-09-30 10:00

Modified

2025-10-02 16:20

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

n/a

Summary

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.

References

URL

Tags

	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21685749	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141577137423233&w=2	vendor-advisory, x_refsource_HP
	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts	x_refsource_CONFIRM
	http://linux.oracle.com/errata/ELSA-2014-3093	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21686479	x_refsource_CONFIRM
	http://jvn.jp/en/jp/JVN55667175/index.html	third-party-advisory, x_refsource_JVN
	http://secunia.com/advisories/60433	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383026420882&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141585637922673&w=2	vendor-advisory, x_refsource_HP
	http://packetstormsecurity.com/files/137344/Sun-Secure-Global-Desktop-Oracle-Global-Desktop-Shellshock.html	x_refsource_MISC
	http://marc.info/?l=bugtraq&m=141576728022234&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21685541	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61816	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61442	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142358078406056&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61283	third-party-advisory, x_refsource_SECUNIA
	https://kc.mcafee.com/corporate/index?page=content&id=SB10085	x_refsource_CONFIRM
	http://secunia.com/advisories/61654	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2380-1	vendor-advisory, x_refsource_UBUNTU
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315	x_refsource_CONFIRM
	http://secunia.com/advisories/62312	third-party-advisory, x_refsource_SECUNIA
	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	https://security-tracker.debian.org/tracker/CVE-2014-6278	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21685604	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61703	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61065	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383196021590&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141383081521087&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21686445	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686131	x_refsource_CONFIRM
	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126	third-party-advisory, x_refsource_JVNDB
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61641	third-party-advisory, x_refsource_SECUNIA
	https://www.exploit-db.com/exploits/39887/	exploit, x_refsource_EXPLOIT-DB
	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21685914	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:164	vendor-advisory, x_refsource_MANDRIVA
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60325	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60024	third-party-advisory, x_refsource_SECUNIA
	http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html	x_refsource_MISC
	http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html	x_refsource_MISC
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash	vendor-advisory, x_refsource_CISCO
	https://bugzilla.redhat.com/show_bug.cgi?id=1147414	x_refsource_CONFIRM
	http://secunia.com/advisories/62343	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61565	third-party-advisory, x_refsource_SECUNIA
	https://www.suse.com/support/shellshock/	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141450491804793&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61313	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61485	third-party-advisory, x_refsource_SECUNIA
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141577297623641&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383244821813&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61312	third-party-advisory, x_refsource_SECUNIA
	http://linux.oracle.com/errata/ELSA-2014-3094	x_refsource_CONFIRM
	http://secunia.com/advisories/60193	third-party-advisory, x_refsource_SECUNIA
	http://www.vmware.com/security/advisories/VMSA-2014-0010.html	x_refsource_CONFIRM
	http://secunia.com/advisories/60063	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60034	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59907	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58200	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141577241923505&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61643	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/support/kb/doc.php?id=7015721	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21687079	x_refsource_CONFIRM
	http://secunia.com/advisories/61503	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21686246	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915	x_refsource_CONFIRM
	http://support.novell.com/security/cve/CVE-2014-6278.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383465822787&w=2	vendor-advisory, x_refsource_HP
	http://www.qnap.com/i/en/support/con_show.php?cid=61	x_refsource_CONFIRM
	http://secunia.com/advisories/61552	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61780	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279	x_refsource_CONFIRM
	https://support.citrix.com/article/CTX200223	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/39568/	exploit, x_refsource_EXPLOIT-DB
	http://marc.info/?l=bugtraq&m=141330468527613&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60044	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61291	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141345648114150&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61287	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383353622268&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383304022067&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61128	third-party-advisory, x_refsource_SECUNIA
	https://support.citrix.com/article/CTX200217	x_refsource_CONFIRM
	http://secunia.com/advisories/61471	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60055	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59961	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61550	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61633	third-party-advisory, x_refsource_SECUNIA
	http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html	x_refsource_MISC
	http://www-01.ibm.com/support/docview.wss?uid=swg21686494	x_refsource_CONFIRM
	https://kb.bluecoat.com/index?page=content&id=SA82	x_refsource_CONFIRM
	http://secunia.com/advisories/61328	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21685733	x_refsource_CONFIRM
	http://secunia.com/advisories/61129	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61603	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61857	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879	x_refsource_CONFIRM
	https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:10:13.322Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
          },
          {
            "name": "HPSBMU03165",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-3093"
          },
          {
            "name": "SSRT101819",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "HPSBMU03245",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
          },
          {
            "name": "JVN#55667175",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
          },
          {
            "name": "60433",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60433"
          },
          {
            "name": "HPSBMU03143",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
          },
          {
            "name": "HPSBMU03182",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/137344/Sun-Secure-Global-Desktop-Oracle-Global-Desktop-Shellshock.html"
          },
          {
            "name": "HPSBST03155",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
          },
          {
            "name": "61816",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61816"
          },
          {
            "name": "openSUSE-SU-2014:1310",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
          },
          {
            "name": "61442",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61442"
          },
          {
            "name": "HPSBMU03246",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
          },
          {
            "name": "61283",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61283"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
          },
          {
            "name": "61654",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61654"
          },
          {
            "name": "USN-2380-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2380-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
          },
          {
            "name": "62312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62312"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
          },
          {
            "name": "HPSBMU03217",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2014-6278"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
          },
          {
            "name": "SSRT101868",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61703",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61703"
          },
          {
            "name": "61065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61065"
          },
          {
            "name": "HPSBST03129",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
          },
          {
            "name": "HPSBMU03144",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
          },
          {
            "name": "JVNDB-2014-000126",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
          },
          {
            "name": "SSRT101827",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "61641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61641"
          },
          {
            "name": "39887",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39887/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
          },
          {
            "name": "SUSE-SU-2014:1287",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
          },
          {
            "name": "MDVSA-2015:164",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
          },
          {
            "name": "HPSBMU03220",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "60325",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60325"
          },
          {
            "name": "60024",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60024"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html"
          },
          {
            "name": "20140926 GNU Bash Environment Variable Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147414"
          },
          {
            "name": "62343",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62343"
          },
          {
            "name": "61565",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61565"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.suse.com/support/shellshock/"
          },
          {
            "name": "HPSBST03157",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
          },
          {
            "name": "61313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61313"
          },
          {
            "name": "SSRT101742",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "61485",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61485"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
          },
          {
            "name": "HPSBST03154",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
          },
          {
            "name": "HPSBGN03142",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
          },
          {
            "name": "61312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61312"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-3094"
          },
          {
            "name": "60193",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
          },
          {
            "name": "60063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60063"
          },
          {
            "name": "60034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60034"
          },
          {
            "name": "59907",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59907"
          },
          {
            "name": "58200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58200"
          },
          {
            "name": "HPSBST03181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
          },
          {
            "name": "61643",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61643"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
          },
          {
            "name": "61503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61503"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/security/cve/CVE-2014-6278.html"
          },
          {
            "name": "HPSBHF03145",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
          },
          {
            "name": "61552",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61552"
          },
          {
            "name": "61780",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61780"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200223"
          },
          {
            "name": "39568",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39568/"
          },
          {
            "name": "HPSBGN03138",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
          },
          {
            "name": "60044",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60044"
          },
          {
            "name": "61291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61291"
          },
          {
            "name": "HPSBHF03125",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
          },
          {
            "name": "61287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61287"
          },
          {
            "name": "HPSBHF03146",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
          },
          {
            "name": "HPSBGN03233",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "SSRT101739",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
          },
          {
            "name": "HPSBGN03141",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
          },
          {
            "name": "61128",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61128"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200217"
          },
          {
            "name": "61471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61471"
          },
          {
            "name": "60055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60055"
          },
          {
            "name": "59961",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59961"
          },
          {
            "name": "61550",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61550"
          },
          {
            "name": "61633",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61633"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
          },
          {
            "name": "61328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
          },
          {
            "name": "61129",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61129"
          },
          {
            "name": "61603",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61603"
          },
          {
            "name": "61857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2014-6278",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-01T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-10-02",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6278"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-78",
                "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-02T16:20:23.634Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2025-10-02T00:00:00+00:00",
            "value": "CVE-2014-6278 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-05T16:38:18.000Z",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
        },
        {
          "name": "HPSBMU03165",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-3093"
        },
        {
          "name": "SSRT101819",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "HPSBMU03245",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
        },
        {
          "name": "JVN#55667175",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
        },
        {
          "name": "60433",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60433"
        },
        {
          "name": "HPSBMU03143",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
        },
        {
          "name": "HPSBMU03182",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/137344/Sun-Secure-Global-Desktop-Oracle-Global-Desktop-Shellshock.html"
        },
        {
          "name": "HPSBST03155",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
        },
        {
          "name": "61816",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61816"
        },
        {
          "name": "openSUSE-SU-2014:1310",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
        },
        {
          "name": "61442",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61442"
        },
        {
          "name": "HPSBMU03246",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
        },
        {
          "name": "61283",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61283"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
        },
        {
          "name": "61654",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61654"
        },
        {
          "name": "USN-2380-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2380-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
        },
        {
          "name": "62312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62312"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
        },
        {
          "name": "HPSBMU03217",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2014-6278"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
        },
        {
          "name": "SSRT101868",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61703",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61703"
        },
        {
          "name": "61065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61065"
        },
        {
          "name": "HPSBST03129",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
        },
        {
          "name": "HPSBMU03144",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
        },
        {
          "name": "JVNDB-2014-000126",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
        },
        {
          "name": "SSRT101827",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "61641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61641"
        },
        {
          "name": "39887",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39887/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
        },
        {
          "name": "SUSE-SU-2014:1287",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
        },
        {
          "name": "MDVSA-2015:164",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
        },
        {
          "name": "HPSBMU03220",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "60325",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60325"
        },
        {
          "name": "60024",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60024"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html"
        },
        {
          "name": "20140926 GNU Bash Environment Variable Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147414"
        },
        {
          "name": "62343",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62343"
        },
        {
          "name": "61565",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61565"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.suse.com/support/shellshock/"
        },
        {
          "name": "HPSBST03157",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
        },
        {
          "name": "61313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61313"
        },
        {
          "name": "SSRT101742",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "61485",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61485"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
        },
        {
          "name": "HPSBST03154",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
        },
        {
          "name": "HPSBGN03142",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
        },
        {
          "name": "61312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61312"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-3094"
        },
        {
          "name": "60193",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
        },
        {
          "name": "60063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60063"
        },
        {
          "name": "60034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60034"
        },
        {
          "name": "59907",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59907"
        },
        {
          "name": "58200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58200"
        },
        {
          "name": "HPSBST03181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
        },
        {
          "name": "61643",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61643"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
        },
        {
          "name": "61503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61503"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/security/cve/CVE-2014-6278.html"
        },
        {
          "name": "HPSBHF03145",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
        },
        {
          "name": "61552",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61552"
        },
        {
          "name": "61780",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61780"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200223"
        },
        {
          "name": "39568",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39568/"
        },
        {
          "name": "HPSBGN03138",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
        },
        {
          "name": "60044",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60044"
        },
        {
          "name": "61291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61291"
        },
        {
          "name": "HPSBHF03125",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
        },
        {
          "name": "61287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61287"
        },
        {
          "name": "HPSBHF03146",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
        },
        {
          "name": "HPSBGN03233",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "SSRT101739",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
        },
        {
          "name": "HPSBGN03141",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
        },
        {
          "name": "61128",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61128"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200217"
        },
        {
          "name": "61471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61471"
        },
        {
          "name": "60055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60055"
        },
        {
          "name": "59961",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59961"
        },
        {
          "name": "61550",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61550"
        },
        {
          "name": "61633",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61633"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
        },
        {
          "name": "61328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
        },
        {
          "name": "61129",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61129"
        },
        {
          "name": "61603",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61603"
        },
        {
          "name": "61857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2014-6278",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
            },
            {
              "name": "HPSBMU03165",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
            },
            {
              "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts",
              "refsource": "CONFIRM",
              "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-3093",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-3093"
            },
            {
              "name": "SSRT101819",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "HPSBMU03245",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
            },
            {
              "name": "JVN#55667175",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
            },
            {
              "name": "60433",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60433"
            },
            {
              "name": "HPSBMU03143",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
            },
            {
              "name": "HPSBMU03182",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
            },
            {
              "name": "http://packetstormsecurity.com/files/137344/Sun-Secure-Global-Desktop-Oracle-Global-Desktop-Shellshock.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/137344/Sun-Secure-Global-Desktop-Oracle-Global-Desktop-Shellshock.html"
            },
            {
              "name": "HPSBST03155",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
            },
            {
              "name": "61816",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61816"
            },
            {
              "name": "openSUSE-SU-2014:1310",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
            },
            {
              "name": "61442",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61442"
            },
            {
              "name": "HPSBMU03246",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
            },
            {
              "name": "61283",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61283"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
            },
            {
              "name": "61654",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61654"
            },
            {
              "name": "USN-2380-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2380-1"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
            },
            {
              "name": "62312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62312"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
            },
            {
              "name": "HPSBMU03217",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "https://security-tracker.debian.org/tracker/CVE-2014-6278",
              "refsource": "CONFIRM",
              "url": "https://security-tracker.debian.org/tracker/CVE-2014-6278"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
            },
            {
              "name": "SSRT101868",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61703",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61703"
            },
            {
              "name": "61065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61065"
            },
            {
              "name": "HPSBST03129",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
            },
            {
              "name": "HPSBMU03144",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
            },
            {
              "name": "JVNDB-2014-000126",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
            },
            {
              "name": "SSRT101827",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "61641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61641"
            },
            {
              "name": "39887",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/39887/"
            },
            {
              "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
            },
            {
              "name": "SUSE-SU-2014:1287",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
            },
            {
              "name": "MDVSA-2015:164",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
            },
            {
              "name": "HPSBMU03220",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "60325",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60325"
            },
            {
              "name": "60024",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60024"
            },
            {
              "name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
            },
            {
              "name": "http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html",
              "refsource": "MISC",
              "url": "http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html"
            },
            {
              "name": "20140926 GNU Bash Environment Variable Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1147414",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147414"
            },
            {
              "name": "62343",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62343"
            },
            {
              "name": "61565",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61565"
            },
            {
              "name": "https://www.suse.com/support/shellshock/",
              "refsource": "CONFIRM",
              "url": "https://www.suse.com/support/shellshock/"
            },
            {
              "name": "HPSBST03157",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
            },
            {
              "name": "61313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61313"
            },
            {
              "name": "SSRT101742",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "61485",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61485"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
            },
            {
              "name": "HPSBST03154",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
            },
            {
              "name": "HPSBGN03142",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
            },
            {
              "name": "61312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61312"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-3094",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-3094"
            },
            {
              "name": "60193",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60193"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
            },
            {
              "name": "60063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60063"
            },
            {
              "name": "60034",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60034"
            },
            {
              "name": "59907",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59907"
            },
            {
              "name": "58200",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58200"
            },
            {
              "name": "HPSBST03181",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
            },
            {
              "name": "61643",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61643"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015721",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
            },
            {
              "name": "61503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61503"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
            },
            {
              "name": "http://support.novell.com/security/cve/CVE-2014-6278.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/security/cve/CVE-2014-6278.html"
            },
            {
              "name": "HPSBHF03145",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
            },
            {
              "name": "http://www.qnap.com/i/en/support/con_show.php?cid=61",
              "refsource": "CONFIRM",
              "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
            },
            {
              "name": "61552",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61552"
            },
            {
              "name": "61780",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61780"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
            },
            {
              "name": "https://support.citrix.com/article/CTX200223",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200223"
            },
            {
              "name": "39568",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/39568/"
            },
            {
              "name": "HPSBGN03138",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
            },
            {
              "name": "60044",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60044"
            },
            {
              "name": "61291",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61291"
            },
            {
              "name": "HPSBHF03125",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
            },
            {
              "name": "61287",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61287"
            },
            {
              "name": "HPSBHF03146",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
            },
            {
              "name": "HPSBGN03233",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "SSRT101739",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
            },
            {
              "name": "HPSBGN03141",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
            },
            {
              "name": "61128",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61128"
            },
            {
              "name": "https://support.citrix.com/article/CTX200217",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200217"
            },
            {
              "name": "61471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61471"
            },
            {
              "name": "60055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60055"
            },
            {
              "name": "59961",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59961"
            },
            {
              "name": "61550",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61550"
            },
            {
              "name": "61633",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61633"
            },
            {
              "name": "http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html",
              "refsource": "MISC",
              "url": "http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
            },
            {
              "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82",
              "refsource": "CONFIRM",
              "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
            },
            {
              "name": "61328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61328"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
            },
            {
              "name": "61129",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61129"
            },
            {
              "name": "61603",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61603"
            },
            {
              "name": "61857",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61857"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
            },
            {
              "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006",
              "refsource": "MISC",
              "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2014-6278",
    "datePublished": "2014-09-30T10:00:00.000Z",
    "dateReserved": "2014-09-09T00:00:00.000Z",
    "dateUpdated": "2025-10-02T16:20:23.634Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-0119 (GCVE-0-2014-0119)

Vulnerability from cvelistv5

Published

2014-05-31 10:00

Modified

2024-08-06 09:05

Severity ?

CWE

n/a

Summary

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.

References

URL

Tags

	http://svn.apache.org/viewvc?view=revision&revision=1590036	x_refsource_CONFIRM
	http://advisories.mageia.org/MGASA-2014-0268.html	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1589837	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2654-1	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2015-0765.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/59732	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2015-0675.html	vendor-advisory, x_refsource_REDHAT
	http://www.vmware.com/security/advisories/VMSA-2014-0012.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21681528	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:052	vendor-advisory, x_refsource_MANDRIVA
	http://rhn.redhat.com/errata/RHSA-2015-0720.html	vendor-advisory, x_refsource_REDHAT
	http://svn.apache.org/viewvc?view=revision&revision=1590028	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1589992	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:084	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2016/dsa-3530	vendor-advisory, x_refsource_DEBIAN
	http://svn.apache.org/viewvc?view=revision&revision=1589983	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141017844705317&w=2	vendor-advisory, x_refsource_HP
	http://tomcat.apache.org/security-7.html	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/534161/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:053	vendor-advisory, x_refsource_MANDRIVA
	http://svn.apache.org/viewvc?view=revision&revision=1588199	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1589997	x_refsource_CONFIRM
	http://tomcat.apache.org/security-8.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21678231	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1589980	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1589640	x_refsource_CONFIRM
	http://tomcat.apache.org/security-6.html	x_refsource_CONFIRM
	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	x_refsource_CONFIRM
	http://secunia.com/advisories/59873	third-party-advisory, x_refsource_SECUNIA
	http://seclists.org/fulldisclosure/2014/May/141	mailing-list, x_refsource_FULLDISC
	http://svn.apache.org/viewvc?view=revision&revision=1589985	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1593815	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2014/Dec/23	mailing-list, x_refsource_FULLDISC
	http://svn.apache.org/viewvc?view=revision&revision=1589990	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=144498216801440&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141017844705317&w=2	vendor-advisory, x_refsource_HP
	http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1588193	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/67669	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1030298	vdb-entry, x_refsource_SECTRACK
	http://www.debian.org/security/2016/dsa-3552	vendor-advisory, x_refsource_DEBIAN
	http://svn.apache.org/viewvc?view=revision&revision=1593821	x_refsource_CONFIRM
	http://secunia.com/advisories/60729	third-party-advisory, x_refsource_SECUNIA
	https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:05:39.129Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1590036"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2014-0268.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589837"
          },
          {
            "name": "USN-2654-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2654-1"
          },
          {
            "name": "RHSA-2015:0765",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
          },
          {
            "name": "59732",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59732"
          },
          {
            "name": "RHSA-2015:0675",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
          },
          {
            "name": "MDVSA-2015:052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052"
          },
          {
            "name": "RHSA-2015:0720",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1590028"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589992"
          },
          {
            "name": "MDVSA-2015:084",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084"
          },
          {
            "name": "DSA-3530",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3530"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589983"
          },
          {
            "name": "HPSBUX03102",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-7.html"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
          },
          {
            "name": "MDVSA-2015:053",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:053"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1588199"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589997"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-8.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589980"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589640"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-6.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
          },
          {
            "name": "59873",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59873"
          },
          {
            "name": "20140527 [SECURITY] CVE-2014-0119 Apache Tomcat information disclosure",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/May/141"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589985"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1593815"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589990"
          },
          {
            "name": "HPSBOV03503",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144498216801440\u0026w=2"
          },
          {
            "name": "SSRT101681",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1588193"
          },
          {
            "name": "67669",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/67669"
          },
          {
            "name": "1030298",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030298"
          },
          {
            "name": "DSA-3552",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3552"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1593821"
          },
          {
            "name": "60729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60729"
          },
          {
            "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-13T16:10:07",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1590036"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2014-0268.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589837"
        },
        {
          "name": "USN-2654-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2654-1"
        },
        {
          "name": "RHSA-2015:0765",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
        },
        {
          "name": "59732",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59732"
        },
        {
          "name": "RHSA-2015:0675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
        },
        {
          "name": "MDVSA-2015:052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052"
        },
        {
          "name": "RHSA-2015:0720",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1590028"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589992"
        },
        {
          "name": "MDVSA-2015:084",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084"
        },
        {
          "name": "DSA-3530",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3530"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589983"
        },
        {
          "name": "HPSBUX03102",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-7.html"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
        },
        {
          "name": "MDVSA-2015:053",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:053"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1588199"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589997"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-8.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589980"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589640"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-6.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
        },
        {
          "name": "59873",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59873"
        },
        {
          "name": "20140527 [SECURITY] CVE-2014-0119 Apache Tomcat information disclosure",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/May/141"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589985"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1593815"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589990"
        },
        {
          "name": "HPSBOV03503",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144498216801440\u0026w=2"
        },
        {
          "name": "SSRT101681",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1588193"
        },
        {
          "name": "67669",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/67669"
        },
        {
          "name": "1030298",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030298"
        },
        {
          "name": "DSA-3552",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3552"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1593821"
        },
        {
          "name": "60729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60729"
        },
        {
          "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2014-0119",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1590036",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1590036"
            },
            {
              "name": "http://advisories.mageia.org/MGASA-2014-0268.html",
              "refsource": "CONFIRM",
              "url": "http://advisories.mageia.org/MGASA-2014-0268.html"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589837",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589837"
            },
            {
              "name": "USN-2654-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2654-1"
            },
            {
              "name": "RHSA-2015:0765",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
            },
            {
              "name": "59732",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59732"
            },
            {
              "name": "RHSA-2015:0675",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
            },
            {
              "name": "MDVSA-2015:052",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052"
            },
            {
              "name": "RHSA-2015:0720",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1590028",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1590028"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589992",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589992"
            },
            {
              "name": "MDVSA-2015:084",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084"
            },
            {
              "name": "DSA-3530",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3530"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589983",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589983"
            },
            {
              "name": "HPSBUX03102",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
            },
            {
              "name": "http://tomcat.apache.org/security-7.html",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-7.html"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
            },
            {
              "name": "MDVSA-2015:053",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:053"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1588199",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1588199"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589997",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589997"
            },
            {
              "name": "http://tomcat.apache.org/security-8.html",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-8.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589980",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589980"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589640",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589640"
            },
            {
              "name": "http://tomcat.apache.org/security-6.html",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-6.html"
            },
            {
              "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013",
              "refsource": "CONFIRM",
              "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
            },
            {
              "name": "59873",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59873"
            },
            {
              "name": "20140527 [SECURITY] CVE-2014-0119 Apache Tomcat information disclosure",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/May/141"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589985",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589985"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1593815",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1593815"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589990",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1589990"
            },
            {
              "name": "HPSBOV03503",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=144498216801440\u0026w=2"
            },
            {
              "name": "SSRT101681",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1588193",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1588193"
            },
            {
              "name": "67669",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/67669"
            },
            {
              "name": "1030298",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030298"
            },
            {
              "name": "DSA-3552",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3552"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1593821",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1593821"
            },
            {
              "name": "60729",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60729"
            },
            {
              "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-0119",
    "datePublished": "2014-05-31T10:00:00",
    "dateReserved": "2013-12-03T00:00:00",
    "dateUpdated": "2024-08-06T09:05:39.129Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-0788 (GCVE-0-2012-0788)

Vulnerability from cvelistv5

Published

2012-02-14 15:00

Modified

2024-08-06 18:38

Severity ?

CWE

n/a

Summary

The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.

References

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html	vendor-advisory, x_refsource_SUSE
	https://bugs.php.net/bug.php?id=55776	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/48668	third-party-advisory, x_refsource_SECUNIA
	http://www.php.net/ChangeLog-5.php#5.3.9	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=783605	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:38:14.567Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2012:0411",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=55776"
          },
          {
            "name": "openSUSE-SU-2012:0426",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
          },
          {
            "name": "48668",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48668"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-5.php#5.3.9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=783605"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-09-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-08T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SU-2012:0411",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.php.net/bug.php?id=55776"
        },
        {
          "name": "openSUSE-SU-2012:0426",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
        },
        {
          "name": "48668",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48668"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-5.php#5.3.9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=783605"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-0788",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2012:0411",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=55776",
              "refsource": "CONFIRM",
              "url": "https://bugs.php.net/bug.php?id=55776"
            },
            {
              "name": "openSUSE-SU-2012:0426",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
            },
            {
              "name": "48668",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48668"
            },
            {
              "name": "http://www.php.net/ChangeLog-5.php#5.3.9",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/ChangeLog-5.php#5.3.9"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=783605",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=783605"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-0788",
    "datePublished": "2012-02-14T15:00:00",
    "dateReserved": "2012-01-19T00:00:00",
    "dateUpdated": "2024-08-06T18:38:14.567Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-3158 (GCVE-0-2012-3158)

Vulnerability from cvelistv5

Published

2012-10-16 23:00

Modified

2024-08-06 19:57

Severity ?

CWE

n/a

Summary

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.

References

URL

Tags

	http://secunia.com/advisories/51177	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2012-1462.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDVSA-2013:102	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/53372	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-201308-06.xml	vendor-advisory, x_refsource_GENTOO
	http://www.debian.org/security/2012/dsa-2581	vendor-advisory, x_refsource_DEBIAN
	http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html	x_refsource_CONFIRM
	http://secunia.com/advisories/51309	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/79382	vdb-entry, x_refsource_XF
	http://www.ubuntu.com/usn/USN-1621-1	vendor-advisory, x_refsource_UBUNTU
	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	vendor-advisory, x_refsource_MANDRIVA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:57:49.907Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "51177",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51177"
          },
          {
            "name": "RHSA-2012:1462",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html"
          },
          {
            "name": "MDVSA-2013:102",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:102"
          },
          {
            "name": "53372",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/53372"
          },
          {
            "name": "GLSA-201308-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
          },
          {
            "name": "DSA-2581",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2581"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
          },
          {
            "name": "51309",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51309"
          },
          {
            "name": "mysqlserver-protocol-cve20123158(79382)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79382"
          },
          {
            "name": "USN-1621-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1621-1"
          },
          {
            "name": "MDVSA-2013:150",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-10-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "51177",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51177"
        },
        {
          "name": "RHSA-2012:1462",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html"
        },
        {
          "name": "MDVSA-2013:102",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:102"
        },
        {
          "name": "53372",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/53372"
        },
        {
          "name": "GLSA-201308-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
        },
        {
          "name": "DSA-2581",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2581"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
        },
        {
          "name": "51309",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51309"
        },
        {
          "name": "mysqlserver-protocol-cve20123158(79382)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79382"
        },
        {
          "name": "USN-1621-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1621-1"
        },
        {
          "name": "MDVSA-2013:150",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2012-3158",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "51177",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51177"
            },
            {
              "name": "RHSA-2012:1462",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html"
            },
            {
              "name": "MDVSA-2013:102",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:102"
            },
            {
              "name": "53372",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/53372"
            },
            {
              "name": "GLSA-201308-06",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
            },
            {
              "name": "DSA-2581",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2581"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
            },
            {
              "name": "51309",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51309"
            },
            {
              "name": "mysqlserver-protocol-cve20123158(79382)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79382"
            },
            {
              "name": "USN-1621-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1621-1"
            },
            {
              "name": "MDVSA-2013:150",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2012-3158",
    "datePublished": "2012-10-16T23:00:00",
    "dateReserved": "2012-06-06T00:00:00",
    "dateUpdated": "2024-08-06T19:57:49.907Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-4825 (GCVE-0-2014-4825)

Vulnerability from cvelistv5

Published

2014-10-19 01:00

Modified

2024-08-06 11:27

Severity ?

CWE

n/a

Summary

IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not properly implement secure connections, which allows man-in-the-middle attackers to discover cleartext credentials via unspecified vectors.

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilities/95575	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21686478	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:27:36.886Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-qvm-cve20144825-mitm(95575)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95575"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not properly implement secure connections, which allows man-in-the-middle attackers to discover cleartext credentials via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-qvm-cve20144825-mitm(95575)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95575"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-4825",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not properly implement secure connections, which allows man-in-the-middle attackers to discover cleartext credentials via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-qvm-cve20144825-mitm(95575)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95575"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-4825",
    "datePublished": "2014-10-19T01:00:00",
    "dateReserved": "2014-07-09T00:00:00",
    "dateUpdated": "2024-08-06T11:27:36.886Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-0076 (GCVE-0-2014-0076)

Vulnerability from cvelistv5

Published

2014-03-25 01:00

Modified

2024-08-06 09:05

Severity ?

CWE

n/a

Summary

The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.

References

URL

Tags

	http://www.novell.com/support/kb/doc.php?id=7015300	x_refsource_CONFIRM
	http://secunia.com/advisories/59264	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59454	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/66363	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/58492	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/support/kb/doc.php?id=7015264	x_refsource_CONFIRM
	https://bugs.gentoo.org/show_bug.cgi?id=505278	x_refsource_CONFIRM
	http://secunia.com/advisories/59445	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140266410314613&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21676655	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21676092	x_refsource_CONFIRM
	http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2198be3483259de374f91e57d247d0fc667aef29	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=isg400001843	x_refsource_CONFIRM
	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140317760000786&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21677828	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140621259019789&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59300	third-party-advisory, x_refsource_SECUNIA
	http://advisories.mageia.org/MGASA-2014-0165.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21677695	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/59495	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=isg400001841	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	x_refsource_CONFIRM
	http://secunia.com/advisories/59655	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59374	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676501	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140389274407904&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/58939	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140266410314613&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59514	third-party-advisory, x_refsource_SECUNIA
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl	vendor-advisory, x_refsource_CISCO
	https://kc.mcafee.com/corporate/index?page=content&id=SB10075	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21676419	x_refsource_CONFIRM
	http://secunia.com/advisories/59438	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140482916501310&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/58727	third-party-advisory, x_refsource_SECUNIA
	http://www.openssl.org/news/secadv_20140605.txt	x_refsource_CONFIRM
	http://support.apple.com/kb/HT6443	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2165-1	vendor-advisory, x_refsource_UBUNTU
	http://marc.info/?l=bugtraq&m=140904544427729&w=2	vendor-advisory, x_refsource_HP
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2014:067	vendor-advisory, x_refsource_MANDRIVA
	http://marc.info/?l=bugtraq&m=140752315422991&w=2	vendor-advisory, x_refsource_HP
	https://bugzilla.novell.com/show_bug.cgi?id=869945	x_refsource_CONFIRM
	http://secunia.com/advisories/59040	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140389355508263&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59175	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140448122410568&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59413	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59721	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676062	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21673137	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:062	vendor-advisory, x_refsource_MANDRIVA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676035	x_refsource_CONFIRM
	http://secunia.com/advisories/59450	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59364	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676424	x_refsource_CONFIRM
	http://secunia.com/advisories/60571	third-party-advisory, x_refsource_SECUNIA
	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm	x_refsource_CONFIRM
	http://secunia.com/advisories/59162	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59490	third-party-advisory, x_refsource_SECUNIA
	http://eprint.iacr.org/2014/140	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:05:37.865Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015300"
          },
          {
            "name": "59264",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59264"
          },
          {
            "name": "59454",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59454"
          },
          {
            "name": "66363",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/66363"
          },
          {
            "name": "58492",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58492"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015264"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.gentoo.org/show_bug.cgi?id=505278"
          },
          {
            "name": "59445",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59445"
          },
          {
            "name": "HPSBUX03046",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2198be3483259de374f91e57d247d0fc667aef29"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
          },
          {
            "name": "HPSBOV03047",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
          },
          {
            "name": "HPSBMU03074",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
          },
          {
            "name": "59300",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59300"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2014-0165.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
          },
          {
            "name": "openSUSE-SU-2014:0480",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html"
          },
          {
            "name": "59495",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59495"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
          },
          {
            "name": "openSUSE-SU-2016:0640",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
          },
          {
            "name": "59655",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59655"
          },
          {
            "name": "59374",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59374"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "name": "HPSBMU03057",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
          },
          {
            "name": "58939",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58939"
          },
          {
            "name": "SSRT101590",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
          },
          {
            "name": "59514",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59514"
          },
          {
            "name": "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
          },
          {
            "name": "59438",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59438"
          },
          {
            "name": "HPSBGN03050",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
          },
          {
            "name": "58727",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58727"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openssl.org/news/secadv_20140605.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6443"
          },
          {
            "name": "USN-2165-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2165-1"
          },
          {
            "name": "HPSBMU03076",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629"
          },
          {
            "name": "MDVSA-2014:067",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:067"
          },
          {
            "name": "HPSBMU03062",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.novell.com/show_bug.cgi?id=869945"
          },
          {
            "name": "59040",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59040"
          },
          {
            "name": "HPSBMU03056",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
          },
          {
            "name": "59175",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59175"
          },
          {
            "name": "HPSBMU03051",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
          },
          {
            "name": "59413",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59413"
          },
          {
            "name": "59721",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59721"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
          },
          {
            "name": "MDVSA-2015:062",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
          },
          {
            "name": "59450",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59450"
          },
          {
            "name": "59364",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59364"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676424"
          },
          {
            "name": "60571",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60571"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
          },
          {
            "name": "59162",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59162"
          },
          {
            "name": "59490",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59490"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://eprint.iacr.org/2014/140"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-03-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-15T17:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015300"
        },
        {
          "name": "59264",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59264"
        },
        {
          "name": "59454",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59454"
        },
        {
          "name": "66363",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/66363"
        },
        {
          "name": "58492",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58492"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015264"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.gentoo.org/show_bug.cgi?id=505278"
        },
        {
          "name": "59445",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59445"
        },
        {
          "name": "HPSBUX03046",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2198be3483259de374f91e57d247d0fc667aef29"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
        },
        {
          "name": "HPSBOV03047",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
        },
        {
          "name": "HPSBMU03074",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
        },
        {
          "name": "59300",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59300"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2014-0165.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
        },
        {
          "name": "openSUSE-SU-2014:0480",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html"
        },
        {
          "name": "59495",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59495"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
        },
        {
          "name": "openSUSE-SU-2016:0640",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
        },
        {
          "name": "59655",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59655"
        },
        {
          "name": "59374",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59374"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
        },
        {
          "name": "HPSBMU03057",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
        },
        {
          "name": "58939",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58939"
        },
        {
          "name": "SSRT101590",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
        },
        {
          "name": "59514",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59514"
        },
        {
          "name": "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
        },
        {
          "name": "59438",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59438"
        },
        {
          "name": "HPSBGN03050",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
        },
        {
          "name": "58727",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58727"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openssl.org/news/secadv_20140605.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6443"
        },
        {
          "name": "USN-2165-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2165-1"
        },
        {
          "name": "HPSBMU03076",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629"
        },
        {
          "name": "MDVSA-2014:067",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:067"
        },
        {
          "name": "HPSBMU03062",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.novell.com/show_bug.cgi?id=869945"
        },
        {
          "name": "59040",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59040"
        },
        {
          "name": "HPSBMU03056",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
        },
        {
          "name": "59175",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59175"
        },
        {
          "name": "HPSBMU03051",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
        },
        {
          "name": "59413",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59413"
        },
        {
          "name": "59721",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59721"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
        },
        {
          "name": "MDVSA-2015:062",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
        },
        {
          "name": "59450",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59450"
        },
        {
          "name": "59364",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59364"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676424"
        },
        {
          "name": "60571",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60571"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
        },
        {
          "name": "59162",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59162"
        },
        {
          "name": "59490",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59490"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://eprint.iacr.org/2014/140"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-0076",
    "datePublished": "2014-03-25T01:00:00",
    "dateReserved": "2013-12-03T00:00:00",
    "dateUpdated": "2024-08-06T09:05:37.865Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-2416 (GCVE-0-2009-2416)

Vulnerability from cvelistv5

Published

2009-08-11 18:00

Modified

2025-01-21 15:30

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE

n/a

Summary

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.

References

URL

Tags

	http://www.ubuntu.com/usn/USN-815-1	vendor-advisory, x_refsource_UBUNTU
	https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/36631	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262	vdb-entry, signature, x_refsource_OVAL
	http://www.networkworld.com/columnists/2009/080509-xml-flaw.html	x_refsource_MISC
	https://bugzilla.redhat.com/show_bug.cgi?id=515205	x_refsource_CONFIRM
	http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://www.vupen.com/english/advisories/2009/3217	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/37471	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT4225	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/2420	vdb-entry, x_refsource_VUPEN
	https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html	vendor-advisory, x_refsource_FEDORA
	http://www.vmware.com/security/advisories/VMSA-2009-0016.html	x_refsource_CONFIRM
	http://secunia.com/advisories/36417	third-party-advisory, x_refsource_SECUNIA
	http://www.cert.fi/en/reports/2009/vulnerability2009085.html	x_refsource_MISC
	http://www.codenomicon.com/labs/xml/	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html	vendor-advisory, x_refsource_SUSE
	http://support.apple.com/kb/HT3949	x_refsource_CONFIRM
	http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/bid/36010	vdb-entry, x_refsource_BID
	http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/507985/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59	x_refsource_CONFIRM
	http://secunia.com/advisories/35036	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/36338	third-party-advisory, x_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html	vendor-advisory, x_refsource_FEDORA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783	vdb-entry, signature, x_refsource_OVAL
	http://www.vupen.com/english/advisories/2009/3184	vdb-entry, x_refsource_VUPEN
	http://www.debian.org/security/2009/dsa-1859	vendor-advisory, x_refsource_DEBIAN
	http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://secunia.com/advisories/37346	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2009/3316	vdb-entry, x_refsource_VUPEN
	http://support.apple.com/kb/HT3937	x_refsource_CONFIRM
	http://secunia.com/advisories/36207	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:52:14.792Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-815-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-815-1"
          },
          {
            "name": "FEDORA-2009-8491",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html"
          },
          {
            "name": "36631",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36631"
          },
          {
            "name": "oval:org.mitre.oval:def:9262",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.networkworld.com/columnists/2009/080509-xml-flaw.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515205"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html"
          },
          {
            "name": "APPLE-SA-2009-11-11-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html"
          },
          {
            "name": "ADV-2009-3217",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3217"
          },
          {
            "name": "37471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37471"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4225"
          },
          {
            "name": "ADV-2009-2420",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2420"
          },
          {
            "name": "FEDORA-2009-8580",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
          },
          {
            "name": "36417",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36417"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.cert.fi/en/reports/2009/vulnerability2009085.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.codenomicon.com/labs/xml/"
          },
          {
            "name": "SUSE-SR:2009:015",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3949"
          },
          {
            "name": "[debian-bugs-dist] 20090810 Bug#540865: libxml2: CVE-2009-2414, CVE-2009-2416 pointer-user-after-free and stack overflow because of function recursion",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html"
          },
          {
            "name": "36010",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36010"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html"
          },
          {
            "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59"
          },
          {
            "name": "35036",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35036"
          },
          {
            "name": "36338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36338"
          },
          {
            "name": "FEDORA-2009-8498",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html"
          },
          {
            "name": "oval:org.mitre.oval:def:7783",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783"
          },
          {
            "name": "ADV-2009-3184",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3184"
          },
          {
            "name": "DSA-1859",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1859"
          },
          {
            "name": "APPLE-SA-2009-11-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
          },
          {
            "name": "APPLE-SA-2010-06-21-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
          },
          {
            "name": "37346",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37346"
          },
          {
            "name": "ADV-2009-3316",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3316"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3937"
          },
          {
            "name": "36207",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36207"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2009-2416",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-06T15:40:41.228438Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-21T15:30:42.200Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-815-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-815-1"
        },
        {
          "name": "FEDORA-2009-8491",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html"
        },
        {
          "name": "36631",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36631"
        },
        {
          "name": "oval:org.mitre.oval:def:9262",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.networkworld.com/columnists/2009/080509-xml-flaw.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515205"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html"
        },
        {
          "name": "APPLE-SA-2009-11-11-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html"
        },
        {
          "name": "ADV-2009-3217",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3217"
        },
        {
          "name": "37471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37471"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4225"
        },
        {
          "name": "ADV-2009-2420",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2420"
        },
        {
          "name": "FEDORA-2009-8580",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
        },
        {
          "name": "36417",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36417"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.cert.fi/en/reports/2009/vulnerability2009085.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.codenomicon.com/labs/xml/"
        },
        {
          "name": "SUSE-SR:2009:015",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3949"
        },
        {
          "name": "[debian-bugs-dist] 20090810 Bug#540865: libxml2: CVE-2009-2414, CVE-2009-2416 pointer-user-after-free and stack overflow because of function recursion",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html"
        },
        {
          "name": "36010",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36010"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html"
        },
        {
          "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59"
        },
        {
          "name": "35036",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35036"
        },
        {
          "name": "36338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36338"
        },
        {
          "name": "FEDORA-2009-8498",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html"
        },
        {
          "name": "oval:org.mitre.oval:def:7783",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783"
        },
        {
          "name": "ADV-2009-3184",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3184"
        },
        {
          "name": "DSA-1859",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1859"
        },
        {
          "name": "APPLE-SA-2009-11-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
        },
        {
          "name": "APPLE-SA-2010-06-21-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
        },
        {
          "name": "37346",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37346"
        },
        {
          "name": "ADV-2009-3316",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3316"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3937"
        },
        {
          "name": "36207",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36207"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-2416",
    "datePublished": "2009-08-11T18:00:00",
    "dateReserved": "2009-07-09T00:00:00",
    "dateUpdated": "2025-01-21T15:30:42.200Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-6277 (GCVE-0-2014-6277)

Vulnerability from cvelistv5

Published

2014-09-27 22:00

Modified

2024-08-06 12:10

Severity ?

CWE

n/a

Summary

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169.

References

URL

Tags

	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21685749	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141577137423233&w=2	vendor-advisory, x_refsource_HP
	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts	x_refsource_CONFIRM
	http://linux.oracle.com/errata/ELSA-2014-3093	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21686479	x_refsource_CONFIRM
	http://jvn.jp/en/jp/JVN55667175/index.html	third-party-advisory, x_refsource_JVN
	http://secunia.com/advisories/60433	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383026420882&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141585637922673&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141576728022234&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21685541	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61816	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61442	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142358078406056&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61283	third-party-advisory, x_refsource_SECUNIA
	http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html	vendor-advisory, x_refsource_APPLE
	https://kc.mcafee.com/corporate/index?page=content&id=SB10085	x_refsource_CONFIRM
	http://secunia.com/advisories/61654	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2380-1	vendor-advisory, x_refsource_UBUNTU
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315	x_refsource_CONFIRM
	http://secunia.com/advisories/62312	third-party-advisory, x_refsource_SECUNIA
	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21685604	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61703	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61065	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383196021590&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141383081521087&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21686445	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686131	x_refsource_CONFIRM
	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126	third-party-advisory, x_refsource_JVNDB
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61641	third-party-advisory, x_refsource_SECUNIA
	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21685914	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:164	vendor-advisory, x_refsource_MANDRIVA
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075	x_refsource_CONFIRM
	https://support.apple.com/HT205267	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60325	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60024	third-party-advisory, x_refsource_SECUNIA
	http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html	x_refsource_MISC
	http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html	x_refsource_MISC
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash	vendor-advisory, x_refsource_CISCO
	http://secunia.com/advisories/62343	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61565	third-party-advisory, x_refsource_SECUNIA
	https://www.suse.com/support/shellshock/	x_refsource_CONFIRM
	http://support.apple.com/HT204244	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141450491804793&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61313	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142289270617409&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61485	third-party-advisory, x_refsource_SECUNIA
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141577297623641&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383244821813&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61312	third-party-advisory, x_refsource_SECUNIA
	http://linux.oracle.com/errata/ELSA-2014-3094	x_refsource_CONFIRM
	http://secunia.com/advisories/60193	third-party-advisory, x_refsource_SECUNIA
	http://www.vmware.com/security/advisories/VMSA-2014-0010.html	x_refsource_CONFIRM
	http://secunia.com/advisories/60063	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60034	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59907	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58200	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141577241923505&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61643	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/support/kb/doc.php?id=7015721	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21687079	x_refsource_CONFIRM
	http://secunia.com/advisories/61503	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21686246	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142289270617409&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383465822787&w=2	vendor-advisory, x_refsource_HP
	http://www.qnap.com/i/en/support/con_show.php?cid=61	x_refsource_CONFIRM
	http://secunia.com/advisories/61552	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61780	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279	x_refsource_CONFIRM
	https://support.citrix.com/article/CTX200223	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141330468527613&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60044	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61291	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141345648114150&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61287	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383353622268&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://marc.info/?l=bugtraq&m=141383304022067&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61128	third-party-advisory, x_refsource_SECUNIA
	https://support.citrix.com/article/CTX200217	x_refsource_CONFIRM
	http://secunia.com/advisories/61471	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60055	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59961	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61550	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61633	third-party-advisory, x_refsource_SECUNIA
	http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html	x_refsource_MISC
	http://www-01.ibm.com/support/docview.wss?uid=swg21686494	x_refsource_CONFIRM
	http://support.novell.com/security/cve/CVE-2014-6277.html	x_refsource_CONFIRM
	https://kb.bluecoat.com/index?page=content&id=SA82	x_refsource_CONFIRM
	http://secunia.com/advisories/61328	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21685733	x_refsource_CONFIRM
	http://secunia.com/advisories/61129	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61603	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61857	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:10:13.286Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
          },
          {
            "name": "HPSBMU03165",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-3093"
          },
          {
            "name": "SSRT101819",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "HPSBMU03245",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
          },
          {
            "name": "JVN#55667175",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
          },
          {
            "name": "60433",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60433"
          },
          {
            "name": "HPSBMU03143",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
          },
          {
            "name": "HPSBMU03182",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
          },
          {
            "name": "HPSBST03155",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
          },
          {
            "name": "61816",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61816"
          },
          {
            "name": "openSUSE-SU-2014:1310",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
          },
          {
            "name": "61442",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61442"
          },
          {
            "name": "HPSBMU03246",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
          },
          {
            "name": "61283",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61283"
          },
          {
            "name": "APPLE-SA-2015-09-30-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
          },
          {
            "name": "61654",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61654"
          },
          {
            "name": "USN-2380-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2380-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
          },
          {
            "name": "62312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62312"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
          },
          {
            "name": "HPSBMU03217",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
          },
          {
            "name": "SSRT101868",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61703",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61703"
          },
          {
            "name": "61065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61065"
          },
          {
            "name": "HPSBST03129",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
          },
          {
            "name": "HPSBMU03144",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
          },
          {
            "name": "JVNDB-2014-000126",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
          },
          {
            "name": "SSRT101827",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "61641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61641"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
          },
          {
            "name": "SUSE-SU-2014:1287",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
          },
          {
            "name": "MDVSA-2015:164",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT205267"
          },
          {
            "name": "HPSBMU03220",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "60325",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60325"
          },
          {
            "name": "60024",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60024"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html"
          },
          {
            "name": "20140926 GNU Bash Environment Variable Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
          },
          {
            "name": "62343",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62343"
          },
          {
            "name": "61565",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61565"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.suse.com/support/shellshock/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/HT204244"
          },
          {
            "name": "HPSBST03157",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
          },
          {
            "name": "61313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61313"
          },
          {
            "name": "SSRT101830",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
          },
          {
            "name": "SSRT101742",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "61485",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61485"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
          },
          {
            "name": "HPSBST03154",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
          },
          {
            "name": "HPSBGN03142",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
          },
          {
            "name": "61312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61312"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-3094"
          },
          {
            "name": "60193",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
          },
          {
            "name": "60063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60063"
          },
          {
            "name": "60034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60034"
          },
          {
            "name": "59907",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59907"
          },
          {
            "name": "58200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58200"
          },
          {
            "name": "HPSBST03181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
          },
          {
            "name": "61643",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61643"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
          },
          {
            "name": "61503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61503"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
          },
          {
            "name": "HPSBMU03236",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
          },
          {
            "name": "HPSBHF03145",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
          },
          {
            "name": "61552",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61552"
          },
          {
            "name": "61780",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61780"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200223"
          },
          {
            "name": "HPSBGN03138",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
          },
          {
            "name": "60044",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60044"
          },
          {
            "name": "61291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61291"
          },
          {
            "name": "HPSBHF03125",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
          },
          {
            "name": "61287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61287"
          },
          {
            "name": "HPSBHF03146",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
          },
          {
            "name": "HPSBGN03233",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "SSRT101739",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
          },
          {
            "name": "APPLE-SA-2015-01-27-4",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
          },
          {
            "name": "HPSBGN03141",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
          },
          {
            "name": "61128",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61128"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200217"
          },
          {
            "name": "61471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61471"
          },
          {
            "name": "60055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60055"
          },
          {
            "name": "59961",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59961"
          },
          {
            "name": "61550",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61550"
          },
          {
            "name": "61633",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61633"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/security/cve/CVE-2014-6277.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
          },
          {
            "name": "61328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
          },
          {
            "name": "61129",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61129"
          },
          {
            "name": "61603",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61603"
          },
          {
            "name": "61857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-08-08T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
        },
        {
          "name": "HPSBMU03165",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-3093"
        },
        {
          "name": "SSRT101819",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "HPSBMU03245",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
        },
        {
          "name": "JVN#55667175",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
        },
        {
          "name": "60433",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60433"
        },
        {
          "name": "HPSBMU03143",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
        },
        {
          "name": "HPSBMU03182",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
        },
        {
          "name": "HPSBST03155",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
        },
        {
          "name": "61816",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61816"
        },
        {
          "name": "openSUSE-SU-2014:1310",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
        },
        {
          "name": "61442",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61442"
        },
        {
          "name": "HPSBMU03246",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
        },
        {
          "name": "61283",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61283"
        },
        {
          "name": "APPLE-SA-2015-09-30-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
        },
        {
          "name": "61654",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61654"
        },
        {
          "name": "USN-2380-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2380-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
        },
        {
          "name": "62312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62312"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
        },
        {
          "name": "HPSBMU03217",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
        },
        {
          "name": "SSRT101868",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61703",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61703"
        },
        {
          "name": "61065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61065"
        },
        {
          "name": "HPSBST03129",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
        },
        {
          "name": "HPSBMU03144",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
        },
        {
          "name": "JVNDB-2014-000126",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
        },
        {
          "name": "SSRT101827",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "61641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61641"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
        },
        {
          "name": "SUSE-SU-2014:1287",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
        },
        {
          "name": "MDVSA-2015:164",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT205267"
        },
        {
          "name": "HPSBMU03220",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "60325",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60325"
        },
        {
          "name": "60024",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60024"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html"
        },
        {
          "name": "20140926 GNU Bash Environment Variable Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
        },
        {
          "name": "62343",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62343"
        },
        {
          "name": "61565",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61565"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.suse.com/support/shellshock/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/HT204244"
        },
        {
          "name": "HPSBST03157",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
        },
        {
          "name": "61313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61313"
        },
        {
          "name": "SSRT101830",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
        },
        {
          "name": "SSRT101742",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "61485",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61485"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
        },
        {
          "name": "HPSBST03154",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
        },
        {
          "name": "HPSBGN03142",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
        },
        {
          "name": "61312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61312"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-3094"
        },
        {
          "name": "60193",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
        },
        {
          "name": "60063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60063"
        },
        {
          "name": "60034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60034"
        },
        {
          "name": "59907",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59907"
        },
        {
          "name": "58200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58200"
        },
        {
          "name": "HPSBST03181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
        },
        {
          "name": "61643",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61643"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
        },
        {
          "name": "61503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61503"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
        },
        {
          "name": "HPSBMU03236",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
        },
        {
          "name": "HPSBHF03145",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
        },
        {
          "name": "61552",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61552"
        },
        {
          "name": "61780",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61780"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200223"
        },
        {
          "name": "HPSBGN03138",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
        },
        {
          "name": "60044",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60044"
        },
        {
          "name": "61291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61291"
        },
        {
          "name": "HPSBHF03125",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
        },
        {
          "name": "61287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61287"
        },
        {
          "name": "HPSBHF03146",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
        },
        {
          "name": "HPSBGN03233",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "SSRT101739",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
        },
        {
          "name": "APPLE-SA-2015-01-27-4",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
        },
        {
          "name": "HPSBGN03141",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
        },
        {
          "name": "61128",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61128"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200217"
        },
        {
          "name": "61471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61471"
        },
        {
          "name": "60055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60055"
        },
        {
          "name": "59961",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59961"
        },
        {
          "name": "61550",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61550"
        },
        {
          "name": "61633",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61633"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/security/cve/CVE-2014-6277.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
        },
        {
          "name": "61328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
        },
        {
          "name": "61129",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61129"
        },
        {
          "name": "61603",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61603"
        },
        {
          "name": "61857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2014-6277",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
            },
            {
              "name": "HPSBMU03165",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
            },
            {
              "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts",
              "refsource": "CONFIRM",
              "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-3093",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-3093"
            },
            {
              "name": "SSRT101819",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "HPSBMU03245",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
            },
            {
              "name": "JVN#55667175",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
            },
            {
              "name": "60433",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60433"
            },
            {
              "name": "HPSBMU03143",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
            },
            {
              "name": "HPSBMU03182",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
            },
            {
              "name": "HPSBST03155",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
            },
            {
              "name": "61816",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61816"
            },
            {
              "name": "openSUSE-SU-2014:1310",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
            },
            {
              "name": "61442",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61442"
            },
            {
              "name": "HPSBMU03246",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
            },
            {
              "name": "61283",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61283"
            },
            {
              "name": "APPLE-SA-2015-09-30-3",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
            },
            {
              "name": "61654",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61654"
            },
            {
              "name": "USN-2380-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2380-1"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
            },
            {
              "name": "62312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62312"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
            },
            {
              "name": "HPSBMU03217",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
            },
            {
              "name": "SSRT101868",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61703",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61703"
            },
            {
              "name": "61065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61065"
            },
            {
              "name": "HPSBST03129",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
            },
            {
              "name": "HPSBMU03144",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
            },
            {
              "name": "JVNDB-2014-000126",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
            },
            {
              "name": "SSRT101827",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "61641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61641"
            },
            {
              "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
            },
            {
              "name": "SUSE-SU-2014:1287",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
            },
            {
              "name": "MDVSA-2015:164",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
            },
            {
              "name": "https://support.apple.com/HT205267",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT205267"
            },
            {
              "name": "HPSBMU03220",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "60325",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60325"
            },
            {
              "name": "60024",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60024"
            },
            {
              "name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
            },
            {
              "name": "http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html",
              "refsource": "MISC",
              "url": "http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html"
            },
            {
              "name": "20140926 GNU Bash Environment Variable Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
            },
            {
              "name": "62343",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62343"
            },
            {
              "name": "61565",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61565"
            },
            {
              "name": "https://www.suse.com/support/shellshock/",
              "refsource": "CONFIRM",
              "url": "https://www.suse.com/support/shellshock/"
            },
            {
              "name": "http://support.apple.com/HT204244",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/HT204244"
            },
            {
              "name": "HPSBST03157",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
            },
            {
              "name": "61313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61313"
            },
            {
              "name": "SSRT101830",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
            },
            {
              "name": "SSRT101742",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "61485",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61485"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
            },
            {
              "name": "HPSBST03154",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
            },
            {
              "name": "HPSBGN03142",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
            },
            {
              "name": "61312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61312"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-3094",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-3094"
            },
            {
              "name": "60193",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60193"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
            },
            {
              "name": "60063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60063"
            },
            {
              "name": "60034",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60034"
            },
            {
              "name": "59907",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59907"
            },
            {
              "name": "58200",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58200"
            },
            {
              "name": "HPSBST03181",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
            },
            {
              "name": "61643",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61643"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015721",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
            },
            {
              "name": "61503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61503"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
            },
            {
              "name": "HPSBMU03236",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
            },
            {
              "name": "HPSBHF03145",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
            },
            {
              "name": "http://www.qnap.com/i/en/support/con_show.php?cid=61",
              "refsource": "CONFIRM",
              "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
            },
            {
              "name": "61552",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61552"
            },
            {
              "name": "61780",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61780"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
            },
            {
              "name": "https://support.citrix.com/article/CTX200223",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200223"
            },
            {
              "name": "HPSBGN03138",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
            },
            {
              "name": "60044",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60044"
            },
            {
              "name": "61291",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61291"
            },
            {
              "name": "HPSBHF03125",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
            },
            {
              "name": "61287",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61287"
            },
            {
              "name": "HPSBHF03146",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
            },
            {
              "name": "HPSBGN03233",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "SSRT101739",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
            },
            {
              "name": "APPLE-SA-2015-01-27-4",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
            },
            {
              "name": "HPSBGN03141",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
            },
            {
              "name": "61128",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61128"
            },
            {
              "name": "https://support.citrix.com/article/CTX200217",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200217"
            },
            {
              "name": "61471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61471"
            },
            {
              "name": "60055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60055"
            },
            {
              "name": "59961",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59961"
            },
            {
              "name": "61550",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61550"
            },
            {
              "name": "61633",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61633"
            },
            {
              "name": "http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html",
              "refsource": "MISC",
              "url": "http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
            },
            {
              "name": "http://support.novell.com/security/cve/CVE-2014-6277.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/security/cve/CVE-2014-6277.html"
            },
            {
              "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82",
              "refsource": "CONFIRM",
              "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
            },
            {
              "name": "61328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61328"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
            },
            {
              "name": "61129",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61129"
            },
            {
              "name": "61603",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61603"
            },
            {
              "name": "61857",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61857"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2014-6277",
    "datePublished": "2014-09-27T22:00:00",
    "dateReserved": "2014-09-09T00:00:00",
    "dateUpdated": "2024-08-06T12:10:13.286Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-2414 (GCVE-0-2009-2414)

Vulnerability from cvelistv5

Published

2009-08-11 18:00

Modified

2024-08-07 05:52

Severity ?

CWE

n/a

Summary

Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework.

References

URL

Tags

	http://www.ubuntu.com/usn/USN-815-1	vendor-advisory, x_refsource_UBUNTU
	https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/36631	third-party-advisory, x_refsource_SECUNIA
	http://www.networkworld.com/columnists/2009/080509-xml-flaw.html	x_refsource_MISC
	http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://www.vupen.com/english/advisories/2009/3217	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/37471	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT4225	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/2420	vdb-entry, x_refsource_VUPEN
	https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html	vendor-advisory, x_refsource_FEDORA
	http://www.vmware.com/security/advisories/VMSA-2009-0016.html	x_refsource_CONFIRM
	http://secunia.com/advisories/36417	third-party-advisory, x_refsource_SECUNIA
	http://www.cert.fi/en/reports/2009/vulnerability2009085.html	x_refsource_MISC
	http://www.codenomicon.com/labs/xml/	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html	vendor-advisory, x_refsource_SUSE
	http://support.apple.com/kb/HT3949	x_refsource_CONFIRM
	http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/bid/36010	vdb-entry, x_refsource_BID
	http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/507985/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59	x_refsource_CONFIRM
	http://secunia.com/advisories/35036	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/36338	third-party-advisory, x_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html	vendor-advisory, x_refsource_FEDORA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8639	vdb-entry, signature, x_refsource_OVAL
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10129	vdb-entry, signature, x_refsource_OVAL
	https://bugzilla.redhat.com/show_bug.cgi?id=515195	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/3184	vdb-entry, x_refsource_VUPEN
	http://www.debian.org/security/2009/dsa-1859	vendor-advisory, x_refsource_DEBIAN
	http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://secunia.com/advisories/37346	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2009/3316	vdb-entry, x_refsource_VUPEN
	http://support.apple.com/kb/HT3937	x_refsource_CONFIRM
	http://secunia.com/advisories/36207	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:52:14.941Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-815-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-815-1"
          },
          {
            "name": "FEDORA-2009-8491",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html"
          },
          {
            "name": "36631",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36631"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.networkworld.com/columnists/2009/080509-xml-flaw.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html"
          },
          {
            "name": "APPLE-SA-2009-11-11-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html"
          },
          {
            "name": "ADV-2009-3217",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3217"
          },
          {
            "name": "37471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37471"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4225"
          },
          {
            "name": "ADV-2009-2420",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2420"
          },
          {
            "name": "FEDORA-2009-8580",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
          },
          {
            "name": "36417",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36417"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.cert.fi/en/reports/2009/vulnerability2009085.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.codenomicon.com/labs/xml/"
          },
          {
            "name": "SUSE-SR:2009:015",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3949"
          },
          {
            "name": "[debian-bugs-dist] 20090810 Bug#540865: libxml2: CVE-2009-2414, CVE-2009-2416 pointer-user-after-free and stack overflow because of function recursion",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html"
          },
          {
            "name": "36010",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36010"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html"
          },
          {
            "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59"
          },
          {
            "name": "35036",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35036"
          },
          {
            "name": "36338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36338"
          },
          {
            "name": "FEDORA-2009-8498",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html"
          },
          {
            "name": "oval:org.mitre.oval:def:8639",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8639"
          },
          {
            "name": "oval:org.mitre.oval:def:10129",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10129"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515195"
          },
          {
            "name": "ADV-2009-3184",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3184"
          },
          {
            "name": "DSA-1859",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1859"
          },
          {
            "name": "APPLE-SA-2009-11-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
          },
          {
            "name": "APPLE-SA-2010-06-21-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
          },
          {
            "name": "37346",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37346"
          },
          {
            "name": "ADV-2009-3316",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3316"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3937"
          },
          {
            "name": "36207",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36207"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-815-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-815-1"
        },
        {
          "name": "FEDORA-2009-8491",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html"
        },
        {
          "name": "36631",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36631"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.networkworld.com/columnists/2009/080509-xml-flaw.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html"
        },
        {
          "name": "APPLE-SA-2009-11-11-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html"
        },
        {
          "name": "ADV-2009-3217",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3217"
        },
        {
          "name": "37471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37471"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4225"
        },
        {
          "name": "ADV-2009-2420",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2420"
        },
        {
          "name": "FEDORA-2009-8580",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
        },
        {
          "name": "36417",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36417"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.cert.fi/en/reports/2009/vulnerability2009085.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.codenomicon.com/labs/xml/"
        },
        {
          "name": "SUSE-SR:2009:015",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3949"
        },
        {
          "name": "[debian-bugs-dist] 20090810 Bug#540865: libxml2: CVE-2009-2414, CVE-2009-2416 pointer-user-after-free and stack overflow because of function recursion",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html"
        },
        {
          "name": "36010",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36010"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html"
        },
        {
          "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59"
        },
        {
          "name": "35036",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35036"
        },
        {
          "name": "36338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36338"
        },
        {
          "name": "FEDORA-2009-8498",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html"
        },
        {
          "name": "oval:org.mitre.oval:def:8639",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8639"
        },
        {
          "name": "oval:org.mitre.oval:def:10129",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10129"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515195"
        },
        {
          "name": "ADV-2009-3184",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3184"
        },
        {
          "name": "DSA-1859",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1859"
        },
        {
          "name": "APPLE-SA-2009-11-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
        },
        {
          "name": "APPLE-SA-2010-06-21-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
        },
        {
          "name": "37346",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37346"
        },
        {
          "name": "ADV-2009-3316",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3316"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3937"
        },
        {
          "name": "36207",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36207"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-2414",
    "datePublished": "2009-08-11T18:00:00",
    "dateReserved": "2009-07-09T00:00:00",
    "dateUpdated": "2024-08-07T05:52:14.941Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0216 (GCVE-0-2011-0216)

Vulnerability from cvelistv5

Published

2011-07-21 23:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site.

References

URL

Tags

	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://rhn.redhat.com/errata/RHSA-2013-0217.html	vendor-advisory, x_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2011-1749.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:188	vendor-advisory, x_refsource_MANDRIVA
	http://support.apple.com/kb/HT4999	x_refsource_CONFIRM
	http://support.apple.com/kb/HT5001	x_refsource_CONFIRM
	http://support.apple.com/kb/HT4808	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://www.debian.org/security/2012/dsa-2394	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.272Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2011-10-12-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
          },
          {
            "name": "RHSA-2013:0217",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
          },
          {
            "name": "RHSA-2011:1749",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
          },
          {
            "name": "MDVSA-2011:188",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:188"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4999"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5001"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4808"
          },
          {
            "name": "APPLE-SA-2011-07-20-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
          },
          {
            "name": "APPLE-SA-2011-10-12-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"
          },
          {
            "name": "DSA-2394",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2394"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-07-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-18T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "APPLE-SA-2011-10-12-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
        },
        {
          "name": "RHSA-2013:0217",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
        },
        {
          "name": "RHSA-2011:1749",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
        },
        {
          "name": "MDVSA-2011:188",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:188"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4999"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5001"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4808"
        },
        {
          "name": "APPLE-SA-2011-07-20-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
        },
        {
          "name": "APPLE-SA-2011-10-12-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"
        },
        {
          "name": "DSA-2394",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2394"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0216",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2011-10-12-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
            },
            {
              "name": "RHSA-2013:0217",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
            },
            {
              "name": "RHSA-2011:1749",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
            },
            {
              "name": "MDVSA-2011:188",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:188"
            },
            {
              "name": "http://support.apple.com/kb/HT4999",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4999"
            },
            {
              "name": "http://support.apple.com/kb/HT5001",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5001"
            },
            {
              "name": "http://support.apple.com/kb/HT4808",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4808"
            },
            {
              "name": "APPLE-SA-2011-07-20-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
            },
            {
              "name": "APPLE-SA-2011-10-12-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"
            },
            {
              "name": "DSA-2394",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2394"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0216",
    "datePublished": "2011-07-21T23:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.272Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-4828 (GCVE-0-2014-4828)

Vulnerability from cvelistv5

Published

2014-10-19 01:00

Modified

2024-08-06 11:27

Severity ?

CWE

n/a

Summary

IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote attackers to conduct clickjacking attacks via a crafted HTTP request.

References

URL

Tags

	http://www-01.ibm.com/support/docview.wss?uid=swg21686478	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/95578	vdb-entry, x_refsource_XF

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:27:36.860Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
          },
          {
            "name": "ibm-qvm-cve20144828-clickjacking(95578)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95578"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote attackers to conduct clickjacking attacks via a crafted HTTP request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
        },
        {
          "name": "ibm-qvm-cve20144828-clickjacking(95578)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95578"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-4828",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote attackers to conduct clickjacking attacks via a crafted HTTP request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
            },
            {
              "name": "ibm-qvm-cve20144828-clickjacking(95578)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95578"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-4828",
    "datePublished": "2014-10-19T01:00:00",
    "dateReserved": "2014-07-09T00:00:00",
    "dateUpdated": "2024-08-06T11:27:36.860Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-4755 (GCVE-0-2010-4755)

Vulnerability from cvelistv5

Published

2011-03-02 19:00

Modified

2024-08-07 03:55

Severity ?

CWE

n/a

Summary

The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

References

URL

Tags

	http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1	x_refsource_CONFIRM
	http://securityreason.com/achievement_securityalert/89	third-party-advisory, x_refsource_SREASONRES
	http://securityreason.com/exploitalert/9223	x_refsource_MISC
	http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1	x_refsource_CONFIRM
	http://cxib.net/stuff/glob-0day.c	x_refsource_MISC
	http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc	vendor-advisory, x_refsource_NETBSD
	http://securityreason.com/securityalert/8116	third-party-advisory, x_refsource_SREASON

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:55:34.968Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1"
          },
          {
            "name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASONRES",
              "x_transferred"
            ],
            "url": "http://securityreason.com/achievement_securityalert/89"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://securityreason.com/exploitalert/9223"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://cxib.net/stuff/glob-0day.c"
          },
          {
            "name": "NetBSD-SA2010-008",
            "tags": [
              "vendor-advisory",
              "x_refsource_NETBSD",
              "x_transferred"
            ],
            "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
          },
          {
            "name": "8116",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8116"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-10-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-09-22T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1"
        },
        {
          "name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASONRES"
          ],
          "url": "http://securityreason.com/achievement_securityalert/89"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://securityreason.com/exploitalert/9223"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://cxib.net/stuff/glob-0day.c"
        },
        {
          "name": "NetBSD-SA2010-008",
          "tags": [
            "vendor-advisory",
            "x_refsource_NETBSD"
          ],
          "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
        },
        {
          "name": "8116",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8116"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-4755",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1",
              "refsource": "CONFIRM",
              "url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1"
            },
            {
              "name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
              "refsource": "SREASONRES",
              "url": "http://securityreason.com/achievement_securityalert/89"
            },
            {
              "name": "http://securityreason.com/exploitalert/9223",
              "refsource": "MISC",
              "url": "http://securityreason.com/exploitalert/9223"
            },
            {
              "name": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1",
              "refsource": "CONFIRM",
              "url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1"
            },
            {
              "name": "http://cxib.net/stuff/glob-0day.c",
              "refsource": "MISC",
              "url": "http://cxib.net/stuff/glob-0day.c"
            },
            {
              "name": "NetBSD-SA2010-008",
              "refsource": "NETBSD",
              "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
            },
            {
              "name": "8116",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8116"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-4755",
    "datePublished": "2011-03-02T19:00:00",
    "dateReserved": "2011-03-02T00:00:00",
    "dateUpdated": "2024-08-07T03:55:34.968Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0708 (GCVE-0-2011-0708)

Vulnerability from cvelistv5

Published

2011-03-20 01:00

Modified

2024-08-06 21:58

Severity ?

CWE

n/a

Summary

exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.

References

URL

Tags

	http://marc.info/?l=bugtraq&m=133469208622507&w=2	vendor-advisory, x_refsource_HP
	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html	vendor-advisory, x_refsource_FEDORA
	http://www.vupen.com/english/advisories/2011/0764	vdb-entry, x_refsource_VUPEN
	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html	vendor-advisory, x_refsource_FEDORA
	http://www.exploit-db.com/exploits/16261/	exploit, x_refsource_EXPLOIT-DB
	https://bugzilla.redhat.com/show_bug.cgi?id=680972	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:053	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2011/dsa-2266	vendor-advisory, x_refsource_DEBIAN
	http://www.vupen.com/english/advisories/2011/0890	vdb-entry, x_refsource_VUPEN
	http://www.php.net/releases/5_3_6.php	x_refsource_CONFIRM
	http://www.php.net/ChangeLog-5.php	x_refsource_CONFIRM
	http://www.php.net/archive/2011.php	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=133469208622507&w=2	vendor-advisory, x_refsource_HP
	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://bugs.php.net/bug.php?id=54002	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2011/02/16/7	mailing-list, x_refsource_MLIST
	http://www.redhat.com/support/errata/RHSA-2011-1423.html	vendor-advisory, x_refsource_REDHAT
	http://openwall.com/lists/oss-security/2011/02/14/1	mailing-list, x_refsource_MLIST
	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html	vendor-advisory, x_refsource_FEDORA
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:052	vendor-advisory, x_refsource_MANDRIVA
	http://securityreason.com/securityalert/8114	third-party-advisory, x_refsource_SREASON
	http://www.securityfocus.com/bid/46365	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2011/0744	vdb-entry, x_refsource_VUPEN
	http://rhn.redhat.com/errata/RHSA-2012-0071.html	vendor-advisory, x_refsource_REDHAT
	http://support.apple.com/kb/HT5002	x_refsource_CONFIRM
	http://svn.php.net/viewvc?view=revision&revision=308316	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:58:26.128Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "HPSBOV02763",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
          },
          {
            "name": "FEDORA-2011-3636",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html"
          },
          {
            "name": "ADV-2011-0764",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0764"
          },
          {
            "name": "FEDORA-2011-3614",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html"
          },
          {
            "name": "16261",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/16261/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680972"
          },
          {
            "name": "MDVSA-2011:053",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053"
          },
          {
            "name": "DSA-2266",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2266"
          },
          {
            "name": "ADV-2011-0890",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0890"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/releases/5_3_6.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-5.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/archive/2011.php"
          },
          {
            "name": "SSRT100826",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
          },
          {
            "name": "APPLE-SA-2011-10-12-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.php.net/bug.php?id=54002"
          },
          {
            "name": "[oss-security] 20110216 Re: Re: PHP Exif 64bit Casting Vulnerability, CVE request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/02/16/7"
          },
          {
            "name": "RHSA-2011:1423",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1423.html"
          },
          {
            "name": "[oss-security] 20110214 PHP Exif 64bit Casting Vulnerability, CVE request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/02/14/1"
          },
          {
            "name": "FEDORA-2011-3666",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html"
          },
          {
            "name": "MDVSA-2011:052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052"
          },
          {
            "name": "8114",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8114"
          },
          {
            "name": "46365",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46365"
          },
          {
            "name": "ADV-2011-0744",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0744"
          },
          {
            "name": "RHSA-2012:0071",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0071.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5002"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.php.net/viewvc?view=revision\u0026revision=308316"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-02-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-08-19T15:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "HPSBOV02763",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
        },
        {
          "name": "FEDORA-2011-3636",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html"
        },
        {
          "name": "ADV-2011-0764",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0764"
        },
        {
          "name": "FEDORA-2011-3614",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html"
        },
        {
          "name": "16261",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/16261/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680972"
        },
        {
          "name": "MDVSA-2011:053",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053"
        },
        {
          "name": "DSA-2266",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2266"
        },
        {
          "name": "ADV-2011-0890",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0890"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/releases/5_3_6.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-5.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/archive/2011.php"
        },
        {
          "name": "SSRT100826",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
        },
        {
          "name": "APPLE-SA-2011-10-12-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.php.net/bug.php?id=54002"
        },
        {
          "name": "[oss-security] 20110216 Re: Re: PHP Exif 64bit Casting Vulnerability, CVE request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/02/16/7"
        },
        {
          "name": "RHSA-2011:1423",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-1423.html"
        },
        {
          "name": "[oss-security] 20110214 PHP Exif 64bit Casting Vulnerability, CVE request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/02/14/1"
        },
        {
          "name": "FEDORA-2011-3666",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html"
        },
        {
          "name": "MDVSA-2011:052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052"
        },
        {
          "name": "8114",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8114"
        },
        {
          "name": "46365",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46365"
        },
        {
          "name": "ADV-2011-0744",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0744"
        },
        {
          "name": "RHSA-2012:0071",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0071.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5002"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.php.net/viewvc?view=revision\u0026revision=308316"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-0708",
    "datePublished": "2011-03-20T01:00:00",
    "dateReserved": "2011-01-31T00:00:00",
    "dateUpdated": "2024-08-06T21:58:26.128Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-3091 (GCVE-0-2014-3091)

Vulnerability from cvelistv5

Published

2014-10-13 01:00

Modified

2024-08-06 10:35

Severity ?

CWE

n/a

Summary

Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.1.x and 7.2.x allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilities/94257	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/70379	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg21686480	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:35:55.856Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-qradar-cve20143091-xss(94257)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94257"
          },
          {
            "name": "70379",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70379"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686480"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.1.x and 7.2.x allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-qradar-cve20143091-xss(94257)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94257"
        },
        {
          "name": "70379",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70379"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686480"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-3091",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.1.x and 7.2.x allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-qradar-cve20143091-xss(94257)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94257"
            },
            {
              "name": "70379",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70379"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686480",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686480"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-3091",
    "datePublished": "2014-10-13T01:00:00",
    "dateReserved": "2014-04-29T00:00:00",
    "dateUpdated": "2024-08-06T10:35:55.856Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-0882 (GCVE-0-2012-0882)

Vulnerability from cvelistv5

Published

2012-12-21 02:00

Modified

2024-08-06 18:38

Severity ?

CWE

n/a

Summary

Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.

References

URL

Tags

	https://lists.immunityinc.com/pipermail/canvas/2012-February/000014.html	mailing-list, x_refsource_MLIST
	https://lists.immunityinc.com/pipermail/canvas/2012-February/000011.html	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=789141	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2012/02/24/2	mailing-list, x_refsource_MLIST
	https://blogs.oracle.com/sunsecurity/entry/cve_2012_0882buffer_overflow_vulnerability	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:38:14.959Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[Canvas] 20120223 VulnDisco MySQL 0day",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.immunityinc.com/pipermail/canvas/2012-February/000014.html"
          },
          {
            "name": "[Canvas] 20120207 VulnDisco Pack Professional 9.17",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.immunityinc.com/pipermail/canvas/2012-February/000011.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=789141"
          },
          {
            "name": "[oss-security] 20120224 Re: MySQL 0-day - does it need a CVE?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2012/02/24/2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_0882buffer_overflow_vulnerability"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17.  NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.  NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-12-21T02:00:00Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[Canvas] 20120223 VulnDisco MySQL 0day",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.immunityinc.com/pipermail/canvas/2012-February/000014.html"
        },
        {
          "name": "[Canvas] 20120207 VulnDisco Pack Professional 9.17",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.immunityinc.com/pipermail/canvas/2012-February/000011.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=789141"
        },
        {
          "name": "[oss-security] 20120224 Re: MySQL 0-day - does it need a CVE?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2012/02/24/2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_0882buffer_overflow_vulnerability"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-0882",
    "datePublished": "2012-12-21T02:00:00Z",
    "dateReserved": "2012-01-19T00:00:00Z",
    "dateUpdated": "2024-08-06T18:38:14.959Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-4707 (GCVE-0-2010-4707)

Vulnerability from cvelistv5

Published

2011-01-24 18:00

Modified

2024-08-07 03:55

Severity ?

CWE

n/a

Summary

The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file.

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilities/65036	vdb-entry, x_refsource_XF
	http://security.gentoo.org/glsa/glsa-201206-31.xml	vendor-advisory, x_refsource_GENTOO
	http://openwall.com/lists/oss-security/2010/10/03/1	mailing-list, x_refsource_MLIST
	http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=Linux-PAM-1_1_2-2-gffe7058c70253d574b1963c7c93002bd410fddc9	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/46045	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/49711	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:55:34.485Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "linuxpam-checkacl-dos(65036)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65036"
          },
          {
            "name": "GLSA-201206-31",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201206-31.xml"
          },
          {
            "name": "[oss-security] 20101004 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/10/03/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=Linux-PAM-1_1_2-2-gffe7058c70253d574b1963c7c93002bd410fddc9"
          },
          {
            "name": "46045",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46045"
          },
          {
            "name": "49711",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49711"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-09-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "linuxpam-checkacl-dos(65036)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65036"
        },
        {
          "name": "GLSA-201206-31",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201206-31.xml"
        },
        {
          "name": "[oss-security] 20101004 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/10/03/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=Linux-PAM-1_1_2-2-gffe7058c70253d574b1963c7c93002bd410fddc9"
        },
        {
          "name": "46045",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46045"
        },
        {
          "name": "49711",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49711"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-4707",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "linuxpam-checkacl-dos(65036)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65036"
            },
            {
              "name": "GLSA-201206-31",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201206-31.xml"
            },
            {
              "name": "[oss-security] 20101004 Re: Minor security flaw with pam_xauth",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2010/10/03/1"
            },
            {
              "name": "http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commit;h=Linux-PAM-1_1_2-2-gffe7058c70253d574b1963c7c93002bd410fddc9",
              "refsource": "CONFIRM",
              "url": "http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commit;h=Linux-PAM-1_1_2-2-gffe7058c70253d574b1963c7c93002bd410fddc9"
            },
            {
              "name": "46045",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/46045"
            },
            {
              "name": "49711",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49711"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-4707",
    "datePublished": "2011-01-24T18:00:00",
    "dateReserved": "2011-01-24T00:00:00",
    "dateUpdated": "2024-08-07T03:55:34.485Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-1398 (GCVE-0-2011-1398)

Vulnerability from cvelistv5

Published

2012-08-30 22:00

Modified

2024-08-06 22:28

Severity ?

CWE

n/a

Summary

The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome.

References

URL

Tags

	http://openwall.com/lists/oss-security/2012/09/05/15	mailing-list, x_refsource_MLIST
	http://security-tracker.debian.org/tracker/CVE-2011-1398	x_refsource_CONFIRM
	http://www.securitytracker.com/id?1027463	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/55078	third-party-advisory, x_refsource_SECUNIA
	https://bugs.php.net/bug.php?id=60227	x_refsource_MISC
	http://rhn.redhat.com/errata/RHSA-2013-1307.html	vendor-advisory, x_refsource_REDHAT
	http://openwall.com/lists/oss-security/2012/08/29/5	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://article.gmane.org/gmane.comp.php.devel/70584	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-1569-1	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:28:40.271Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20120905 Re: php header() header injection detection bypass",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/09/05/15"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://security-tracker.debian.org/tracker/CVE-2011-1398"
          },
          {
            "name": "1027463",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027463"
          },
          {
            "name": "55078",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55078"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=60227"
          },
          {
            "name": "RHSA-2013:1307",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1307.html"
          },
          {
            "name": "[oss-security] 20120829 php header() header injection detection bypass",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/08/29/5"
          },
          {
            "name": "SUSE-SU-2013:1315",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html"
          },
          {
            "name": "[internals] 20120203 [PHP-DEV] The case of HTTP response splitting protection in PHP",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://article.gmane.org/gmane.comp.php.devel/70584"
          },
          {
            "name": "USN-1569-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1569-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-02-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-09-13T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20120905 Re: php header() header injection detection bypass",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/09/05/15"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://security-tracker.debian.org/tracker/CVE-2011-1398"
        },
        {
          "name": "1027463",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027463"
        },
        {
          "name": "55078",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55078"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.php.net/bug.php?id=60227"
        },
        {
          "name": "RHSA-2013:1307",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1307.html"
        },
        {
          "name": "[oss-security] 20120829 php header() header injection detection bypass",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/08/29/5"
        },
        {
          "name": "SUSE-SU-2013:1315",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html"
        },
        {
          "name": "[internals] 20120203 [PHP-DEV] The case of HTTP response splitting protection in PHP",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://article.gmane.org/gmane.comp.php.devel/70584"
        },
        {
          "name": "USN-1569-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1569-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1398",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20120905 Re: php header() header injection detection bypass",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/09/05/15"
            },
            {
              "name": "http://security-tracker.debian.org/tracker/CVE-2011-1398",
              "refsource": "CONFIRM",
              "url": "http://security-tracker.debian.org/tracker/CVE-2011-1398"
            },
            {
              "name": "1027463",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1027463"
            },
            {
              "name": "55078",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55078"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=60227",
              "refsource": "MISC",
              "url": "https://bugs.php.net/bug.php?id=60227"
            },
            {
              "name": "RHSA-2013:1307",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1307.html"
            },
            {
              "name": "[oss-security] 20120829 php header() header injection detection bypass",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/08/29/5"
            },
            {
              "name": "SUSE-SU-2013:1315",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html"
            },
            {
              "name": "[internals] 20120203 [PHP-DEV] The case of HTTP response splitting protection in PHP",
              "refsource": "MLIST",
              "url": "http://article.gmane.org/gmane.comp.php.devel/70584"
            },
            {
              "name": "USN-1569-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1569-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1398",
    "datePublished": "2012-08-30T22:00:00",
    "dateReserved": "2011-03-10T00:00:00",
    "dateUpdated": "2024-08-06T22:28:40.271Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-0781 (GCVE-0-2012-0781)

Vulnerability from cvelistv5

Published

2012-01-18 20:00

Modified

2024-08-06 18:38

Severity ?

CWE

n/a

Summary

The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153.

References

URL

Tags

	http://www.exploit-db.com/exploits/18370/	exploit, x_refsource_EXPLOIT-DB
	http://archives.neohapsis.com/archives/bugtraq/2012-01/0092.html	mailing-list, x_refsource_BUGTRAQ
	http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/48668	third-party-advisory, x_refsource_SECUNIA
	http://cxsecurity.com/research/103	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:38:14.265Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "18370",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/18370/"
          },
          {
            "name": "20120114 PHP 5.3.8 Multiple vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0092.html"
          },
          {
            "name": "SUSE-SU-2012:0411",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
          },
          {
            "name": "openSUSE-SU-2012:0426",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
          },
          {
            "name": "48668",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48668"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://cxsecurity.com/research/103"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-08T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "18370",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/18370/"
        },
        {
          "name": "20120114 PHP 5.3.8 Multiple vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0092.html"
        },
        {
          "name": "SUSE-SU-2012:0411",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
        },
        {
          "name": "openSUSE-SU-2012:0426",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
        },
        {
          "name": "48668",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48668"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://cxsecurity.com/research/103"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2012-0781",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "18370",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/18370/"
            },
            {
              "name": "20120114 PHP 5.3.8 Multiple vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0092.html"
            },
            {
              "name": "SUSE-SU-2012:0411",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
            },
            {
              "name": "openSUSE-SU-2012:0426",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
            },
            {
              "name": "48668",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48668"
            },
            {
              "name": "http://cxsecurity.com/research/103",
              "refsource": "MISC",
              "url": "http://cxsecurity.com/research/103"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2012-0781",
    "datePublished": "2012-01-18T20:00:00",
    "dateReserved": "2012-01-18T00:00:00",
    "dateUpdated": "2024-08-06T18:38:14.265Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-2337 (GCVE-0-2012-2337)

Vulnerability from cvelistv5

Published

2012-05-18 18:00

Modified

2024-08-06 19:34

Severity ?

CWE

n/a

Summary

sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address.

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=820677	x_refsource_CONFIRM
	http://secunia.com/advisories/49219	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/49948	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/49244	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2012:079	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/49291	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2012/dsa-2478	vendor-advisory, x_refsource_DEBIAN
	http://www.securitytracker.com/id?1027077	vdb-entry, x_refsource_SECTRACK
	https://www.suse.com/security/cve/CVE-2012-2337/	x_refsource_MISC
	http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081432.html	vendor-advisory, x_refsource_FEDORA
	http://www.sudo.ws/sudo/alerts/netmask.html	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:34:24.297Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=820677"
          },
          {
            "name": "49219",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49219"
          },
          {
            "name": "49948",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49948"
          },
          {
            "name": "49244",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49244"
          },
          {
            "name": "MDVSA-2012:079",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:079"
          },
          {
            "name": "49291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49291"
          },
          {
            "name": "DSA-2478",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2478"
          },
          {
            "name": "1027077",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027077"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.suse.com/security/cve/CVE-2012-2337/"
          },
          {
            "name": "FEDORA-2012-7998",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081432.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/sudo/alerts/netmask.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-05-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=820677"
        },
        {
          "name": "49219",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49219"
        },
        {
          "name": "49948",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49948"
        },
        {
          "name": "49244",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49244"
        },
        {
          "name": "MDVSA-2012:079",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:079"
        },
        {
          "name": "49291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49291"
        },
        {
          "name": "DSA-2478",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2478"
        },
        {
          "name": "1027077",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027077"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.suse.com/security/cve/CVE-2012-2337/"
        },
        {
          "name": "FEDORA-2012-7998",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081432.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/sudo/alerts/netmask.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-2337",
    "datePublished": "2012-05-18T18:00:00",
    "dateReserved": "2012-04-19T00:00:00",
    "dateUpdated": "2024-08-06T19:34:24.297Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-2311 (GCVE-0-2012-2311)

Vulnerability from cvelistv5

Published

2012-05-11 10:00

Modified

2024-08-06 19:26

Severity ?

CWE

n/a

Summary

sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.

References

URL

Tags

	http://marc.info/?l=bugtraq&m=134012830914727&w=2	vendor-advisory, x_refsource_HP
	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html	vendor-advisory, x_refsource_SUSE
	http://www.securitytracker.com/id?1027022	vdb-entry, x_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html	vendor-advisory, x_refsource_SUSE
	https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff-fix-check.patch&revision=1336093719&display=1	x_refsource_CONFIRM
	http://secunia.com/advisories/49014	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html	vendor-advisory, x_refsource_SUSE
	https://bugs.php.net/bug.php?id=61910	x_refsource_CONFIRM
	http://www.php.net/archive/2012.php#id2012-05-08-1	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html	vendor-advisory, x_refsource_APPLE
	http://support.apple.com/kb/HT5501	x_refsource_CONFIRM
	https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862	vendor-advisory, x_refsource_HP
	http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/	x_refsource_MISC
	http://www.kb.cert.org/vuls/id/520827	third-party-advisory, x_refsource_CERT-VN
	http://marc.info/?l=bugtraq&m=134012830914727&w=2	vendor-advisory, x_refsource_HP
	http://www.debian.org/security/2012/dsa-2465	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/49085	third-party-advisory, x_refsource_SECUNIA
	https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862	vendor-advisory, x_refsource_HP
	http://www.php.net/ChangeLog-5.php#5.4.3	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:26:09.031Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SSRT100856",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
          },
          {
            "name": "SUSE-SU-2012:0604",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"
          },
          {
            "name": "1027022",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027022"
          },
          {
            "name": "openSUSE-SU-2012:0590",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/patch-display.php?bug_id=61910\u0026patch=cgi.diff-fix-check.patch\u0026revision=1336093719\u0026display=1"
          },
          {
            "name": "49014",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49014"
          },
          {
            "name": "SUSE-SU-2012:0598",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=61910"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/archive/2012.php#id2012-05-08-1"
          },
          {
            "name": "APPLE-SA-2012-09-19-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5501"
          },
          {
            "name": "SSRT100992",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/"
          },
          {
            "name": "VU#520827",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/520827"
          },
          {
            "name": "HPSBUX02791",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
          },
          {
            "name": "DSA-2465",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2465"
          },
          {
            "name": "49085",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49085"
          },
          {
            "name": "HPSBMU02900",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-5.php#5.4.3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-05-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the \u0027d\u0027 case.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-17T19:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SSRT100856",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
        },
        {
          "name": "SUSE-SU-2012:0604",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"
        },
        {
          "name": "1027022",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027022"
        },
        {
          "name": "openSUSE-SU-2012:0590",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.php.net/patch-display.php?bug_id=61910\u0026patch=cgi.diff-fix-check.patch\u0026revision=1336093719\u0026display=1"
        },
        {
          "name": "49014",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49014"
        },
        {
          "name": "SUSE-SU-2012:0598",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.php.net/bug.php?id=61910"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/archive/2012.php#id2012-05-08-1"
        },
        {
          "name": "APPLE-SA-2012-09-19-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5501"
        },
        {
          "name": "SSRT100992",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/"
        },
        {
          "name": "VU#520827",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/520827"
        },
        {
          "name": "HPSBUX02791",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
        },
        {
          "name": "DSA-2465",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2465"
        },
        {
          "name": "49085",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49085"
        },
        {
          "name": "HPSBMU02900",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-5.php#5.4.3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-2311",
    "datePublished": "2012-05-11T10:00:00",
    "dateReserved": "2012-04-19T00:00:00",
    "dateUpdated": "2024-08-06T19:26:09.031Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-0075 (GCVE-0-2014-0075)

Vulnerability from cvelistv5

Published

2014-05-31 10:00

Modified

2024-08-06 09:05

Severity ?

CWE

n/a

Summary

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.

References

URL

Tags

	http://svn.apache.org/viewvc?view=revision&revision=1578337	x_refsource_CONFIRM
	http://advisories.mageia.org/MGASA-2014-0268.html	x_refsource_CONFIRM
	http://www.novell.com/support/kb/doc.php?id=7010166	x_refsource_CONFIRM
	http://secunia.com/advisories/59121	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2015-0765.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/59732	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59835	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2015-0675.html	vendor-advisory, x_refsource_REDHAT
	http://www.vmware.com/security/advisories/VMSA-2014-0012.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21681528	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:052	vendor-advisory, x_refsource_MANDRIVA
	http://rhn.redhat.com/errata/RHSA-2015-0720.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/59849	third-party-advisory, x_refsource_SECUNIA
	http://linux.oracle.com/errata/ELSA-2014-0865.html	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:084	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2016/dsa-3530	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/59678	third-party-advisory, x_refsource_SECUNIA
	http://svn.apache.org/viewvc?view=revision&revision=1578341	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141017844705317&w=2	vendor-advisory, x_refsource_HP
	http://tomcat.apache.org/security-7.html	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/534161/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://svn.apache.org/viewvc?view=revision&revision=1579262	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:053	vendor-advisory, x_refsource_MANDRIVA
	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141390017113542&w=2	vendor-advisory, x_refsource_HP
	http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html	vendor-advisory, x_refsource_FEDORA
	http://www.securityfocus.com/bid/67671	vdb-entry, x_refsource_BID
	http://tomcat.apache.org/security-8.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21678231	x_refsource_CONFIRM
	http://secunia.com/advisories/59616	third-party-advisory, x_refsource_SECUNIA
	http://tomcat.apache.org/security-6.html	x_refsource_CONFIRM
	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	x_refsource_CONFIRM
	http://secunia.com/advisories/59873	third-party-advisory, x_refsource_SECUNIA
	http://seclists.org/fulldisclosure/2014/Dec/23	mailing-list, x_refsource_FULLDISC
	http://marc.info/?l=bugtraq&m=144498216801440&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141017844705317&w=2	vendor-advisory, x_refsource_HP
	http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3447	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/60729	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60793	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21680603	x_refsource_CONFIRM
	https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:05:38.500Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578337"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2014-0268.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7010166"
          },
          {
            "name": "59121",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59121"
          },
          {
            "name": "RHSA-2015:0765",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
          },
          {
            "name": "59732",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59732"
          },
          {
            "name": "59835",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59835"
          },
          {
            "name": "RHSA-2015:0675",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
          },
          {
            "name": "MDVSA-2015:052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052"
          },
          {
            "name": "RHSA-2015:0720",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
          },
          {
            "name": "59849",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59849"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-0865.html"
          },
          {
            "name": "MDVSA-2015:084",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084"
          },
          {
            "name": "DSA-3530",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3530"
          },
          {
            "name": "59678",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59678"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578341"
          },
          {
            "name": "HPSBUX03102",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-7.html"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1579262"
          },
          {
            "name": "MDVSA-2015:053",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:053"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "name": "HPSBUX03150",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141390017113542\u0026w=2"
          },
          {
            "name": "FEDORA-2015-2109",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html"
          },
          {
            "name": "67671",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/67671"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-8.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
          },
          {
            "name": "59616",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59616"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-6.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
          },
          {
            "name": "59873",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59873"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
          },
          {
            "name": "HPSBOV03503",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144498216801440\u0026w=2"
          },
          {
            "name": "SSRT101681",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
          },
          {
            "name": "DSA-3447",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3447"
          },
          {
            "name": "60729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60729"
          },
          {
            "name": "60793",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60793"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680603"
          },
          {
            "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-13T16:10:10",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578337"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2014-0268.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7010166"
        },
        {
          "name": "59121",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59121"
        },
        {
          "name": "RHSA-2015:0765",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
        },
        {
          "name": "59732",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59732"
        },
        {
          "name": "59835",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59835"
        },
        {
          "name": "RHSA-2015:0675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
        },
        {
          "name": "MDVSA-2015:052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052"
        },
        {
          "name": "RHSA-2015:0720",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
        },
        {
          "name": "59849",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59849"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-0865.html"
        },
        {
          "name": "MDVSA-2015:084",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084"
        },
        {
          "name": "DSA-3530",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3530"
        },
        {
          "name": "59678",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59678"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578341"
        },
        {
          "name": "HPSBUX03102",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-7.html"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1579262"
        },
        {
          "name": "MDVSA-2015:053",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:053"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
        },
        {
          "name": "HPSBUX03150",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141390017113542\u0026w=2"
        },
        {
          "name": "FEDORA-2015-2109",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html"
        },
        {
          "name": "67671",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/67671"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-8.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
        },
        {
          "name": "59616",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59616"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-6.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
        },
        {
          "name": "59873",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59873"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
        },
        {
          "name": "HPSBOV03503",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144498216801440\u0026w=2"
        },
        {
          "name": "SSRT101681",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
        },
        {
          "name": "DSA-3447",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3447"
        },
        {
          "name": "60729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60729"
        },
        {
          "name": "60793",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60793"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680603"
        },
        {
          "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2014-0075",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578337",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578337"
            },
            {
              "name": "http://advisories.mageia.org/MGASA-2014-0268.html",
              "refsource": "CONFIRM",
              "url": "http://advisories.mageia.org/MGASA-2014-0268.html"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7010166",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7010166"
            },
            {
              "name": "59121",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59121"
            },
            {
              "name": "RHSA-2015:0765",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
            },
            {
              "name": "59732",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59732"
            },
            {
              "name": "59835",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59835"
            },
            {
              "name": "RHSA-2015:0675",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
            },
            {
              "name": "MDVSA-2015:052",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052"
            },
            {
              "name": "RHSA-2015:0720",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
            },
            {
              "name": "59849",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59849"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-0865.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-0865.html"
            },
            {
              "name": "MDVSA-2015:084",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084"
            },
            {
              "name": "DSA-3530",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3530"
            },
            {
              "name": "59678",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59678"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578341",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578341"
            },
            {
              "name": "HPSBUX03102",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
            },
            {
              "name": "http://tomcat.apache.org/security-7.html",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-7.html"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1579262",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1579262"
            },
            {
              "name": "MDVSA-2015:053",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:053"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
            },
            {
              "name": "HPSBUX03150",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141390017113542\u0026w=2"
            },
            {
              "name": "FEDORA-2015-2109",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html"
            },
            {
              "name": "67671",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/67671"
            },
            {
              "name": "http://tomcat.apache.org/security-8.html",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-8.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
            },
            {
              "name": "59616",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59616"
            },
            {
              "name": "http://tomcat.apache.org/security-6.html",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-6.html"
            },
            {
              "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013",
              "refsource": "CONFIRM",
              "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
            },
            {
              "name": "59873",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59873"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
            },
            {
              "name": "HPSBOV03503",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=144498216801440\u0026w=2"
            },
            {
              "name": "SSRT101681",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
            },
            {
              "name": "DSA-3447",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3447"
            },
            {
              "name": "60729",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60729"
            },
            {
              "name": "60793",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60793"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680603",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680603"
            },
            {
              "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-0075",
    "datePublished": "2014-05-31T10:00:00",
    "dateReserved": "2013-12-03T00:00:00",
    "dateUpdated": "2024-08-06T09:05:38.500Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0159 (GCVE-0-2009-0159)

Vulnerability from cvelistv5

Published

2009-04-14 15:00

Modified

2024-08-07 04:24

Severity ?

CWE

n/a

Summary

Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.

References

URL

Tags

	https://usn.ubuntu.com/777-1/	vendor-advisory, x_refsource_UBUNTU
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9634	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/35137	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/34608	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/35166	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=490617	x_refsource_CONFIRM
	http://support.apple.com/kb/HT3549	x_refsource_CONFIRM
	http://secunia.com/advisories/37471	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2009/dsa-1801	vendor-advisory, x_refsource_DEBIAN
	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/35308	third-party-advisory, x_refsource_SECUNIA
	http://bugs.pardus.org.tr/show_bug.cgi?id=9532	x_refsource_CONFIRM
	http://secunia.com/advisories/35253	third-party-advisory, x_refsource_SECUNIA
	http://www.vmware.com/security/advisories/VMSA-2009-0016.html	x_refsource_CONFIRM
	http://secunia.com/advisories/35074	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/34481	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/35138	third-party-advisory, x_refsource_SECUNIA
	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html	vendor-advisory, x_refsource_APPLE
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8386	vdb-entry, signature, x_refsource_OVAL
	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.566238	vendor-advisory, x_refsource_SLACKWARE
	http://marc.info/?l=bugtraq&m=136482797910018&w=2	vendor-advisory, x_refsource_HP
	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html	vendor-advisory, x_refsource_SUSE
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19392	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/35630	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/507985/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilities/49838	vdb-entry, x_refsource_XF
	http://osvdb.org/53593	vdb-entry, x_refsource_OSVDB
	http://www.securitytracker.com/id?1022033	vdb-entry, x_refsource_SECTRACK
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8665	vdb-entry, signature, x_refsource_OVAL
	http://www.us-cert.gov/cas/techalerts/TA09-133A.html	third-party-advisory, x_refsource_CERT
	https://rhn.redhat.com/errata/RHSA-2009-1651.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2009/1297	vdb-entry, x_refsource_VUPEN
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5411	vdb-entry, signature, x_refsource_OVAL
	http://rhn.redhat.com/errata/RHSA-2009-1040.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDVSA-2009:092	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/35416	third-party-advisory, x_refsource_SECUNIA
	https://support.ntp.org/bugs/show_bug.cgi?id=1144	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=136482797910018&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/35336	third-party-advisory, x_refsource_SECUNIA
	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc	vendor-advisory, x_refsource_NETBSD
	http://rhn.redhat.com/errata/RHSA-2009-1039.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/35169	third-party-advisory, x_refsource_SECUNIA
	http://www.gentoo.org/security/en/glsa/glsa-200905-08.xml	vendor-advisory, x_refsource_GENTOO
	http://www.vupen.com/english/advisories/2009/0999	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2009/3316	vdb-entry, x_refsource_VUPEN
	http://ntp.bkbits.net:8080/ntp-stable/?PAGE=gnupatch&REV=1.1565	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:24:18.219Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-777-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/777-1/"
          },
          {
            "name": "oval:org.mitre.oval:def:9634",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9634"
          },
          {
            "name": "35137",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35137"
          },
          {
            "name": "34608",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34608"
          },
          {
            "name": "35166",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35166"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490617"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3549"
          },
          {
            "name": "37471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37471"
          },
          {
            "name": "DSA-1801",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1801"
          },
          {
            "name": "FEDORA-2009-5275",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html"
          },
          {
            "name": "35308",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35308"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.pardus.org.tr/show_bug.cgi?id=9532"
          },
          {
            "name": "35253",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35253"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
          },
          {
            "name": "35074",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35074"
          },
          {
            "name": "34481",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34481"
          },
          {
            "name": "35138",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35138"
          },
          {
            "name": "APPLE-SA-2009-05-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
          },
          {
            "name": "oval:org.mitre.oval:def:8386",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8386"
          },
          {
            "name": "SSA:2009-154-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.566238"
          },
          {
            "name": "SSRT101144",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
          },
          {
            "name": "FEDORA-2009-5273",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html"
          },
          {
            "name": "SUSE-SR:2009:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
          },
          {
            "name": "oval:org.mitre.oval:def:19392",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19392"
          },
          {
            "name": "35630",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35630"
          },
          {
            "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
          },
          {
            "name": "ntp-cookedprint-bo(49838)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49838"
          },
          {
            "name": "53593",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53593"
          },
          {
            "name": "1022033",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022033"
          },
          {
            "name": "oval:org.mitre.oval:def:8665",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8665"
          },
          {
            "name": "TA09-133A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
          },
          {
            "name": "RHSA-2009:1651",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
          },
          {
            "name": "ADV-2009-1297",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1297"
          },
          {
            "name": "oval:org.mitre.oval:def:5411",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5411"
          },
          {
            "name": "RHSA-2009:1040",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2009-1040.html"
          },
          {
            "name": "MDVSA-2009:092",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:092"
          },
          {
            "name": "35416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35416"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.ntp.org/bugs/show_bug.cgi?id=1144"
          },
          {
            "name": "HPSBUX02859",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
          },
          {
            "name": "35336",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35336"
          },
          {
            "name": "NetBSD-SA2009-006",
            "tags": [
              "vendor-advisory",
              "x_refsource_NETBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc"
          },
          {
            "name": "RHSA-2009:1039",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2009-1039.html"
          },
          {
            "name": "35169",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35169"
          },
          {
            "name": "GLSA-200905-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200905-08.xml"
          },
          {
            "name": "ADV-2009-0999",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0999"
          },
          {
            "name": "ADV-2009-3316",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3316"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://ntp.bkbits.net:8080/ntp-stable/?PAGE=gnupatch\u0026REV=1.1565"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-777-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/777-1/"
        },
        {
          "name": "oval:org.mitre.oval:def:9634",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9634"
        },
        {
          "name": "35137",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35137"
        },
        {
          "name": "34608",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34608"
        },
        {
          "name": "35166",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35166"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490617"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3549"
        },
        {
          "name": "37471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37471"
        },
        {
          "name": "DSA-1801",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1801"
        },
        {
          "name": "FEDORA-2009-5275",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html"
        },
        {
          "name": "35308",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35308"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.pardus.org.tr/show_bug.cgi?id=9532"
        },
        {
          "name": "35253",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35253"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
        },
        {
          "name": "35074",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35074"
        },
        {
          "name": "34481",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34481"
        },
        {
          "name": "35138",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35138"
        },
        {
          "name": "APPLE-SA-2009-05-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
        },
        {
          "name": "oval:org.mitre.oval:def:8386",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8386"
        },
        {
          "name": "SSA:2009-154-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.566238"
        },
        {
          "name": "SSRT101144",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
        },
        {
          "name": "FEDORA-2009-5273",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html"
        },
        {
          "name": "SUSE-SR:2009:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
        },
        {
          "name": "oval:org.mitre.oval:def:19392",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19392"
        },
        {
          "name": "35630",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35630"
        },
        {
          "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
        },
        {
          "name": "ntp-cookedprint-bo(49838)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49838"
        },
        {
          "name": "53593",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53593"
        },
        {
          "name": "1022033",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022033"
        },
        {
          "name": "oval:org.mitre.oval:def:8665",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8665"
        },
        {
          "name": "TA09-133A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
        },
        {
          "name": "RHSA-2009:1651",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
        },
        {
          "name": "ADV-2009-1297",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1297"
        },
        {
          "name": "oval:org.mitre.oval:def:5411",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5411"
        },
        {
          "name": "RHSA-2009:1040",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2009-1040.html"
        },
        {
          "name": "MDVSA-2009:092",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:092"
        },
        {
          "name": "35416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35416"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.ntp.org/bugs/show_bug.cgi?id=1144"
        },
        {
          "name": "HPSBUX02859",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
        },
        {
          "name": "35336",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35336"
        },
        {
          "name": "NetBSD-SA2009-006",
          "tags": [
            "vendor-advisory",
            "x_refsource_NETBSD"
          ],
          "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc"
        },
        {
          "name": "RHSA-2009:1039",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2009-1039.html"
        },
        {
          "name": "35169",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35169"
        },
        {
          "name": "GLSA-200905-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200905-08.xml"
        },
        {
          "name": "ADV-2009-0999",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0999"
        },
        {
          "name": "ADV-2009-3316",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3316"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://ntp.bkbits.net:8080/ntp-stable/?PAGE=gnupatch\u0026REV=1.1565"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0159",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-777-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/777-1/"
            },
            {
              "name": "oval:org.mitre.oval:def:9634",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9634"
            },
            {
              "name": "35137",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35137"
            },
            {
              "name": "34608",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34608"
            },
            {
              "name": "35166",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35166"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=490617",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490617"
            },
            {
              "name": "http://support.apple.com/kb/HT3549",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3549"
            },
            {
              "name": "37471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37471"
            },
            {
              "name": "DSA-1801",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1801"
            },
            {
              "name": "FEDORA-2009-5275",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html"
            },
            {
              "name": "35308",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35308"
            },
            {
              "name": "http://bugs.pardus.org.tr/show_bug.cgi?id=9532",
              "refsource": "CONFIRM",
              "url": "http://bugs.pardus.org.tr/show_bug.cgi?id=9532"
            },
            {
              "name": "35253",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35253"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
            },
            {
              "name": "35074",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35074"
            },
            {
              "name": "34481",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34481"
            },
            {
              "name": "35138",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35138"
            },
            {
              "name": "APPLE-SA-2009-05-12",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
            },
            {
              "name": "oval:org.mitre.oval:def:8386",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8386"
            },
            {
              "name": "SSA:2009-154-01",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.566238"
            },
            {
              "name": "SSRT101144",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
            },
            {
              "name": "FEDORA-2009-5273",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html"
            },
            {
              "name": "SUSE-SR:2009:011",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
            },
            {
              "name": "oval:org.mitre.oval:def:19392",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19392"
            },
            {
              "name": "35630",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35630"
            },
            {
              "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
            },
            {
              "name": "ntp-cookedprint-bo(49838)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49838"
            },
            {
              "name": "53593",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53593"
            },
            {
              "name": "1022033",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022033"
            },
            {
              "name": "oval:org.mitre.oval:def:8665",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8665"
            },
            {
              "name": "TA09-133A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
            },
            {
              "name": "RHSA-2009:1651",
              "refsource": "REDHAT",
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
            },
            {
              "name": "ADV-2009-1297",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1297"
            },
            {
              "name": "oval:org.mitre.oval:def:5411",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5411"
            },
            {
              "name": "RHSA-2009:1040",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2009-1040.html"
            },
            {
              "name": "MDVSA-2009:092",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:092"
            },
            {
              "name": "35416",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35416"
            },
            {
              "name": "https://support.ntp.org/bugs/show_bug.cgi?id=1144",
              "refsource": "CONFIRM",
              "url": "https://support.ntp.org/bugs/show_bug.cgi?id=1144"
            },
            {
              "name": "HPSBUX02859",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
            },
            {
              "name": "35336",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35336"
            },
            {
              "name": "NetBSD-SA2009-006",
              "refsource": "NETBSD",
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc"
            },
            {
              "name": "RHSA-2009:1039",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2009-1039.html"
            },
            {
              "name": "35169",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35169"
            },
            {
              "name": "GLSA-200905-08",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200905-08.xml"
            },
            {
              "name": "ADV-2009-0999",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0999"
            },
            {
              "name": "ADV-2009-3316",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3316"
            },
            {
              "name": "http://ntp.bkbits.net:8080/ntp-stable/?PAGE=gnupatch\u0026REV=1.1565",
              "refsource": "CONFIRM",
              "url": "http://ntp.bkbits.net:8080/ntp-stable/?PAGE=gnupatch\u0026REV=1.1565"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0159",
    "datePublished": "2009-04-14T15:00:00",
    "dateReserved": "2009-01-16T00:00:00",
    "dateUpdated": "2024-08-07T04:24:18.219Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-5107 (GCVE-0-2010-5107)

Vulnerability from cvelistv5

Published

2013-03-07 20:00

Modified

2024-08-07 04:09

Severity ?

CWE

n/a

Summary

The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

References

URL

Tags

	http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/servconf.c?r1=1.234#rev1.234	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1591.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=144050155601375&w=2	vendor-advisory, x_refsource_HP
	http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?r1=1.89#rev1.89	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=908707	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/58162	vdb-entry, x_refsource_BID
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	x_refsource_CONFIRM
	http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config.5?r1=1.156#rev1.156	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2013/02/07/3	mailing-list, x_refsource_MLIST
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19595	vdb-entry, signature, x_refsource_OVAL
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19515	vdb-entry, signature, x_refsource_OVAL

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:09:39.163Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/servconf.c?r1=1.234#rev1.234"
          },
          {
            "name": "RHSA-2013:1591",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1591.html"
          },
          {
            "name": "HPSBMU03409",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?r1=1.89#rev1.89"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908707"
          },
          {
            "name": "58162",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/58162"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config.5?r1=1.156#rev1.156"
          },
          {
            "name": "[oss-security] 20130206 Re: CVE id request: openssh?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2013/02/07/3"
          },
          {
            "name": "oval:org.mitre.oval:def:19595",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19595"
          },
          {
            "name": "oval:org.mitre.oval:def:19515",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19515"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/servconf.c?r1=1.234#rev1.234"
        },
        {
          "name": "RHSA-2013:1591",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1591.html"
        },
        {
          "name": "HPSBMU03409",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?r1=1.89#rev1.89"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908707"
        },
        {
          "name": "58162",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/58162"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config.5?r1=1.156#rev1.156"
        },
        {
          "name": "[oss-security] 20130206 Re: CVE id request: openssh?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2013/02/07/3"
        },
        {
          "name": "oval:org.mitre.oval:def:19595",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19595"
        },
        {
          "name": "oval:org.mitre.oval:def:19515",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19515"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2010-5107",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/servconf.c?r1=1.234#rev1.234",
              "refsource": "CONFIRM",
              "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/servconf.c?r1=1.234#rev1.234"
            },
            {
              "name": "RHSA-2013:1591",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1591.html"
            },
            {
              "name": "HPSBMU03409",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
            },
            {
              "name": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?r1=1.89#rev1.89",
              "refsource": "CONFIRM",
              "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?r1=1.89#rev1.89"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=908707",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908707"
            },
            {
              "name": "58162",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/58162"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
            },
            {
              "name": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config.5?r1=1.156#rev1.156",
              "refsource": "CONFIRM",
              "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config.5?r1=1.156#rev1.156"
            },
            {
              "name": "[oss-security] 20130206 Re: CVE id request: openssh?",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2013/02/07/3"
            },
            {
              "name": "oval:org.mitre.oval:def:19595",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19595"
            },
            {
              "name": "oval:org.mitre.oval:def:19515",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19515"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-5107",
    "datePublished": "2013-03-07T20:00:00",
    "dateReserved": "2012-04-30T00:00:00",
    "dateUpdated": "2024-08-07T04:09:39.163Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0427 (GCVE-0-2010-0427)

Vulnerability from cvelistv5

Published

2010-02-25 19:00

Modified

2024-08-07 00:45

Severity ?

CWE

n/a

Summary

sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command.

References

URL

Tags

	http://secunia.com/advisories/38803	third-party-advisory, x_refsource_SECUNIA
	ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz	x_refsource_CONFIRM
	http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml	vendor-advisory, x_refsource_GENTOO
	http://sudo.ws/repos/sudo/rev/aa0b6c01c462	x_refsource_CONFIRM
	http://secunia.com/advisories/38762	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2010/dsa-2006	vendor-advisory, x_refsource_DEBIAN
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10946	vdb-entry, signature, x_refsource_OVAL
	https://bugzilla.redhat.com/show_bug.cgi?id=567622	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7216	vdb-entry, signature, x_refsource_OVAL
	http://www.securityfocus.com/archive/1/514489/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.ubuntu.com/usn/USN-905-1	vendor-advisory, x_refsource_UBUNTU
	http://www.gratisoft.us/bugzilla/attachment.cgi?id=255	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html	vendor-advisory, x_refsource_SUSE
	http://wiki.rpath.com/Advisories:rPSA-2010-0075	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2010/02/23/4	mailing-list, x_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2010/02/24/5	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/38795	third-party-advisory, x_refsource_SECUNIA
	http://www.sudo.ws/cgi-bin/cvsweb/sudo/set_perms.c.diff?r1=1.30.2.7&r2=1.30.2.8	x_refsource_CONFIRM
	http://secunia.com/advisories/38915	third-party-advisory, x_refsource_SECUNIA
	http://www.gratisoft.us/bugzilla/show_bug.cgi?id=349	x_refsource_CONFIRM
	http://securitytracker.com/id?1023658	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:45:12.240Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "38803",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38803"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz"
          },
          {
            "name": "GLSA-201003-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sudo.ws/repos/sudo/rev/aa0b6c01c462"
          },
          {
            "name": "38762",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38762"
          },
          {
            "name": "DSA-2006",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2006"
          },
          {
            "name": "oval:org.mitre.oval:def:10946",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10946"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=567622"
          },
          {
            "name": "oval:org.mitre.oval:def:7216",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7216"
          },
          {
            "name": "20101027 rPSA-2010-0075-1 sudo",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
          },
          {
            "name": "USN-905-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-905-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.gratisoft.us/bugzilla/attachment.cgi?id=255"
          },
          {
            "name": "SUSE-SR:2010:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
          },
          {
            "name": "[oss-security] 20100223 CVE assignment notification -- CVE-2010-0427 -- sudo fails to reset group permissions if runas_default set",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/02/23/4"
          },
          {
            "name": "[oss-security] 20100224 Re: CVE assignment notification -- CVE-2010-0427 -- sudo fails to reset group permissions if runas_default set",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/02/24/5"
          },
          {
            "name": "38795",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38795"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/cgi-bin/cvsweb/sudo/set_perms.c.diff?r1=1.30.2.7\u0026r2=1.30.2.8"
          },
          {
            "name": "38915",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38915"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.gratisoft.us/bugzilla/show_bug.cgi?id=349"
          },
          {
            "name": "1023658",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "38803",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38803"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz"
        },
        {
          "name": "GLSA-201003-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sudo.ws/repos/sudo/rev/aa0b6c01c462"
        },
        {
          "name": "38762",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38762"
        },
        {
          "name": "DSA-2006",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2006"
        },
        {
          "name": "oval:org.mitre.oval:def:10946",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10946"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=567622"
        },
        {
          "name": "oval:org.mitre.oval:def:7216",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7216"
        },
        {
          "name": "20101027 rPSA-2010-0075-1 sudo",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
        },
        {
          "name": "USN-905-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-905-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.gratisoft.us/bugzilla/attachment.cgi?id=255"
        },
        {
          "name": "SUSE-SR:2010:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
        },
        {
          "name": "[oss-security] 20100223 CVE assignment notification -- CVE-2010-0427 -- sudo fails to reset group permissions if runas_default set",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/02/23/4"
        },
        {
          "name": "[oss-security] 20100224 Re: CVE assignment notification -- CVE-2010-0427 -- sudo fails to reset group permissions if runas_default set",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/02/24/5"
        },
        {
          "name": "38795",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38795"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/cgi-bin/cvsweb/sudo/set_perms.c.diff?r1=1.30.2.7\u0026r2=1.30.2.8"
        },
        {
          "name": "38915",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38915"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.gratisoft.us/bugzilla/show_bug.cgi?id=349"
        },
        {
          "name": "1023658",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023658"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-0427",
    "datePublished": "2010-02-25T19:00:00",
    "dateReserved": "2010-01-27T00:00:00",
    "dateUpdated": "2024-08-07T00:45:12.240Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3081 (GCVE-0-2010-3081)

Vulnerability from cvelistv5

Published

2010-09-24 19:00

Modified

2024-08-07 02:55

Severity ?

CWE

n/a

Summary

The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.

References

URL

Tags

	http://www.vmware.com/security/advisories/VMSA-2010-0017.html	x_refsource_CONFIRM
	http://isc.sans.edu/diary.html?storyid=9574	x_refsource_MISC
	http://www.vupen.com/english/advisories/2010/3083	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2010/3117	vdb-entry, x_refsource_VUPEN
	http://sota.gen.nz/compat1/	x_refsource_MISC
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:198	vendor-advisory, x_refsource_MANDRIVA
	https://access.redhat.com/kb/docs/DOC-40265	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/514938/30/30/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/42384	third-party-advisory, x_refsource_SECUNIA
	http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0278.html	mailing-list, x_refsource_FULLDISC
	http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html	vendor-advisory, x_refsource_SUSE
	http://www.redhat.com/support/errata/RHSA-2010-0842.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:247	vendor-advisory, x_refsource_MANDRIVA
	http://www.vupen.com/english/advisories/2011/0298	vdb-entry, x_refsource_VUPEN
	http://www.redhat.com/support/errata/RHSA-2010-0882.html	vendor-advisory, x_refsource_REDHAT
	http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html	vendor-advisory, x_refsource_SUSE
	http://blog.ksplice.com/2010/09/cve-2010-3081/	x_refsource_MISC
	http://secunia.com/advisories/43315	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://www.vmware.com/security/advisories/VMSA-2011-0003.html	x_refsource_CONFIRM
	http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0273.html	mailing-list, x_refsource_FULLDISC
	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c41d68a513c71e35a14f66d71782d27a79a81ea6	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2010-0758.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/archive/1/516397/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	https://bugzilla.redhat.com/show_bug.cgi?id=634457	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:214	vendor-advisory, x_refsource_MANDRIVA
	http://marc.info/?l=oss-security&m=128461522230211&w=2	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:55:46.715Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2010-0017.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://isc.sans.edu/diary.html?storyid=9574"
          },
          {
            "name": "ADV-2010-3083",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3083"
          },
          {
            "name": "ADV-2010-3117",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3117"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://sota.gen.nz/compat1/"
          },
          {
            "name": "MDVSA-2010:198",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/kb/docs/DOC-40265"
          },
          {
            "name": "20101130 VMSA-2010-0017 VMware ESX third party update for Service Console kerne",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/514938/30/30/threaded"
          },
          {
            "name": "42384",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42384"
          },
          {
            "name": "20100916 Workaround for Ac1db1tch3z exploit.",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0278.html"
          },
          {
            "name": "SUSE-SA:2011:007",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
          },
          {
            "name": "RHSA-2010:0842",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
          },
          {
            "name": "MDVSA-2010:247",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:247"
          },
          {
            "name": "ADV-2011-0298",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0298"
          },
          {
            "name": "RHSA-2010:0882",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0882.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log"
          },
          {
            "name": "SUSE-SA:2010:050",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.ksplice.com/2010/09/cve-2010-3081/"
          },
          {
            "name": "43315",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43315"
          },
          {
            "name": "SUSE-SR:2010:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
          },
          {
            "name": "20100916 Ac1db1tch3z vs x86_64 Linux Kernel",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0273.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c41d68a513c71e35a14f66d71782d27a79a81ea6"
          },
          {
            "name": "RHSA-2010:0758",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0758.html"
          },
          {
            "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=634457"
          },
          {
            "name": "MDVSA-2010:214",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:214"
          },
          {
            "name": "[oss-security] 20100916 CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=oss-security\u0026m=128461522230211\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-09-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a \"stack pointer underflow\" issue, as exploited in the wild in September 2010."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2010-0017.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://isc.sans.edu/diary.html?storyid=9574"
        },
        {
          "name": "ADV-2010-3083",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3083"
        },
        {
          "name": "ADV-2010-3117",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3117"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://sota.gen.nz/compat1/"
        },
        {
          "name": "MDVSA-2010:198",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/kb/docs/DOC-40265"
        },
        {
          "name": "20101130 VMSA-2010-0017 VMware ESX third party update for Service Console kerne",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/514938/30/30/threaded"
        },
        {
          "name": "42384",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42384"
        },
        {
          "name": "20100916 Workaround for Ac1db1tch3z exploit.",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0278.html"
        },
        {
          "name": "SUSE-SA:2011:007",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
        },
        {
          "name": "RHSA-2010:0842",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
        },
        {
          "name": "MDVSA-2010:247",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:247"
        },
        {
          "name": "ADV-2011-0298",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0298"
        },
        {
          "name": "RHSA-2010:0882",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0882.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log"
        },
        {
          "name": "SUSE-SA:2010:050",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.ksplice.com/2010/09/cve-2010-3081/"
        },
        {
          "name": "43315",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43315"
        },
        {
          "name": "SUSE-SR:2010:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
        },
        {
          "name": "20100916 Ac1db1tch3z vs x86_64 Linux Kernel",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0273.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c41d68a513c71e35a14f66d71782d27a79a81ea6"
        },
        {
          "name": "RHSA-2010:0758",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0758.html"
        },
        {
          "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=634457"
        },
        {
          "name": "MDVSA-2010:214",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:214"
        },
        {
          "name": "[oss-security] 20100916 CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=oss-security\u0026m=128461522230211\u0026w=2"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-3081",
    "datePublished": "2010-09-24T19:00:00",
    "dateReserved": "2010-08-20T00:00:00",
    "dateUpdated": "2024-08-07T02:55:46.715Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-3905 (GCVE-0-2011-3905)

Vulnerability from cvelistv5

Published

2011-12-13 21:00

Modified

2024-08-06 23:53

Severity ?

CWE

n/a

Summary

libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

References

URL

Tags

	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14761	vdb-entry, signature, x_refsource_OVAL
	http://rhn.redhat.com/errata/RHSA-2013-0217.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:188	vendor-advisory, x_refsource_MANDRIVA
	http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html	x_refsource_CONFIRM
	http://code.google.com/p/chromium/issues/detail?id=95465	x_refsource_CONFIRM
	http://www.debian.org/security/2012/dsa-2394	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:53:31.717Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:14761",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14761"
          },
          {
            "name": "RHSA-2013:0217",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
          },
          {
            "name": "MDVSA-2011:188",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:188"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=95465"
          },
          {
            "name": "DSA-2394",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2394"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-12-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:14761",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14761"
        },
        {
          "name": "RHSA-2013:0217",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
        },
        {
          "name": "MDVSA-2011:188",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:188"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=95465"
        },
        {
          "name": "DSA-2394",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2394"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2011-3905",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:14761",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14761"
            },
            {
              "name": "RHSA-2013:0217",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
            },
            {
              "name": "MDVSA-2011:188",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:188"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=95465",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=95465"
            },
            {
              "name": "DSA-2394",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2394"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2011-3905",
    "datePublished": "2011-12-13T21:00:00",
    "dateReserved": "2011-10-01T00:00:00",
    "dateUpdated": "2024-08-06T23:53:31.717Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-2131 (GCVE-0-2012-2131)

Vulnerability from cvelistv5

Published

2012-04-24 20:00

Modified

2024-08-06 19:26

Severity ?

CWE

n/a

Summary

Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110.

References

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2012:064	vendor-advisory, x_refsource_MANDRIVA
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-1428-1	vendor-advisory, x_refsource_UBUNTU
	http://cvs.openssl.org/chngview?cn=22479	x_refsource_CONFIRM
	http://www.openssl.org/news/secadv_20120424.txt	x_refsource_CONFIRM
	http://www.debian.org/security/2012/dsa-2454	vendor-advisory, x_refsource_DEBIAN
	http://support.apple.com/kb/HT5784	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://secunia.com/advisories/48895	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/75099	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/48956	third-party-advisory, x_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2012/04/24/1	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=134039053214295&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/57353	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=133728068926468&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=134039053214295&w=2	vendor-advisory, x_refsource_HP
	http://www.securitytracker.com/id?1026957	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/53212	vdb-entry, x_refsource_BID
	http://marc.info/?l=bugtraq&m=133728068926468&w=2	vendor-advisory, x_refsource_HP

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:26:08.465Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2012:0623",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html"
          },
          {
            "name": "SUSE-SU-2012:1149",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
          },
          {
            "name": "MDVSA-2012:064",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:064"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
          },
          {
            "name": "USN-1428-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1428-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cvs.openssl.org/chngview?cn=22479"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openssl.org/news/secadv_20120424.txt"
          },
          {
            "name": "DSA-2454",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2454"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5784"
          },
          {
            "name": "APPLE-SA-2013-06-04-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
          },
          {
            "name": "48895",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48895"
          },
          {
            "name": "openssl-asn1-code-execution(75099)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75099"
          },
          {
            "name": "48956",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48956"
          },
          {
            "name": "[oss-security] 20120424 Re: OpenSSL ASN1 BIO vulnerability (CVE-2012-2110)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2012/04/24/1"
          },
          {
            "name": "SUSE-SU-2012:0637",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html"
          },
          {
            "name": "HPSBOV02793",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
          },
          {
            "name": "57353",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/57353"
          },
          {
            "name": "HPSBUX02782",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
          },
          {
            "name": "SSRT100891",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
          },
          {
            "name": "1026957",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026957"
          },
          {
            "name": "53212",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/53212"
          },
          {
            "name": "SSRT100844",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-04-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SU-2012:0623",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html"
        },
        {
          "name": "SUSE-SU-2012:1149",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
        },
        {
          "name": "MDVSA-2012:064",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:064"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
        },
        {
          "name": "USN-1428-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1428-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cvs.openssl.org/chngview?cn=22479"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openssl.org/news/secadv_20120424.txt"
        },
        {
          "name": "DSA-2454",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2454"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5784"
        },
        {
          "name": "APPLE-SA-2013-06-04-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
        },
        {
          "name": "48895",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48895"
        },
        {
          "name": "openssl-asn1-code-execution(75099)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75099"
        },
        {
          "name": "48956",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48956"
        },
        {
          "name": "[oss-security] 20120424 Re: OpenSSL ASN1 BIO vulnerability (CVE-2012-2110)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2012/04/24/1"
        },
        {
          "name": "SUSE-SU-2012:0637",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html"
        },
        {
          "name": "HPSBOV02793",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
        },
        {
          "name": "57353",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/57353"
        },
        {
          "name": "HPSBUX02782",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
        },
        {
          "name": "SSRT100891",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
        },
        {
          "name": "1026957",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026957"
        },
        {
          "name": "53212",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/53212"
        },
        {
          "name": "SSRT100844",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-2131",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2012:0623",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html"
            },
            {
              "name": "SUSE-SU-2012:1149",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
            },
            {
              "name": "MDVSA-2012:064",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:064"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
            },
            {
              "name": "USN-1428-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1428-1"
            },
            {
              "name": "http://cvs.openssl.org/chngview?cn=22479",
              "refsource": "CONFIRM",
              "url": "http://cvs.openssl.org/chngview?cn=22479"
            },
            {
              "name": "http://www.openssl.org/news/secadv_20120424.txt",
              "refsource": "CONFIRM",
              "url": "http://www.openssl.org/news/secadv_20120424.txt"
            },
            {
              "name": "DSA-2454",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2454"
            },
            {
              "name": "http://support.apple.com/kb/HT5784",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5784"
            },
            {
              "name": "APPLE-SA-2013-06-04-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
            },
            {
              "name": "48895",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48895"
            },
            {
              "name": "openssl-asn1-code-execution(75099)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75099"
            },
            {
              "name": "48956",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48956"
            },
            {
              "name": "[oss-security] 20120424 Re: OpenSSL ASN1 BIO vulnerability (CVE-2012-2110)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2012/04/24/1"
            },
            {
              "name": "SUSE-SU-2012:0637",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html"
            },
            {
              "name": "HPSBOV02793",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
            },
            {
              "name": "57353",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/57353"
            },
            {
              "name": "HPSBUX02782",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
            },
            {
              "name": "SSRT100891",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
            },
            {
              "name": "1026957",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026957"
            },
            {
              "name": "53212",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/53212"
            },
            {
              "name": "SSRT100844",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-2131",
    "datePublished": "2012-04-24T20:00:00",
    "dateReserved": "2012-04-04T00:00:00",
    "dateUpdated": "2024-08-06T19:26:08.465Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-5029 (GCVE-0-2009-5029)

Vulnerability from cvelistv5

Published

2013-05-02 14:00

Modified

2024-08-07 07:24

Severity ?

CWE

n/a

Summary

Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.

References

URL

Tags

	http://sourceware.org/ml/libc-alpha/2011-12/msg00037.html	mailing-list, x_refsource_MLIST
	http://dividead.wordpress.com/2009/06/01/glibc-timezone-integer-overflow/	x_refsource_MISC
	http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=97ac2654b2d831acaa18a2b018b0736245903fd2	x_refsource_MISC
	http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html	mailing-list, x_refsource_FULLDISC
	https://bugzilla.redhat.com/show_bug.cgi?id=761245	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:24:53.791Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[libc-alpha] 20111215 integer overflow to heap overrun exploit in glibc",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://sourceware.org/ml/libc-alpha/2011-12/msg00037.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://dividead.wordpress.com/2009/06/01/glibc-timezone-integer-overflow/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=97ac2654b2d831acaa18a2b018b0736245903fd2"
          },
          {
            "name": "20111203 VSFTPD Remote Heap Overrun (low severity)",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=761245"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-05-02T14:00:00Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[libc-alpha] 20111215 integer overflow to heap overrun exploit in glibc",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://sourceware.org/ml/libc-alpha/2011-12/msg00037.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://dividead.wordpress.com/2009/06/01/glibc-timezone-integer-overflow/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=97ac2654b2d831acaa18a2b018b0736245903fd2"
        },
        {
          "name": "20111203 VSFTPD Remote Heap Overrun (low severity)",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=761245"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-5029",
    "datePublished": "2013-05-02T14:00:00Z",
    "dateReserved": "2010-12-09T00:00:00Z",
    "dateUpdated": "2024-08-07T07:24:53.791Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-6271 (GCVE-0-2014-6271)

Vulnerability from cvelistv5

Published

2014-09-24 18:00

Modified

2025-07-30 01:46

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

n/a

Summary

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

References

URL

Tags

	https://www.exploit-db.com/exploits/37816/	exploit, x_refsource_EXPLOIT-DB
	http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21685749	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141577137423233&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142719845423222&w=2	vendor-advisory, x_refsource_HP
	https://www.exploit-db.com/exploits/39918/	exploit, x_refsource_EXPLOIT-DB
	http://marc.info/?l=bugtraq&m=141216668515282&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-1295.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html	vendor-advisory, x_refsource_SUSE
	https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/	x_refsource_CONFIRM
	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383138121313&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://www.securityfocus.com/archive/1/533593/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21686084	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686479	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142719845423222&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61188	third-party-advisory, x_refsource_SECUNIA
	http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0	x_refsource_CONFIRM
	http://jvn.jp/en/jp/JVN55667175/index.html	third-party-advisory, x_refsource_JVN
	http://secunia.com/advisories/61676	third-party-advisory, x_refsource_SECUNIA
	https://www.exploit-db.com/exploits/40619/	exploit, x_refsource_EXPLOIT-DB
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/60433	third-party-advisory, x_refsource_SECUNIA
	https://www.exploit-db.com/exploits/38849/	exploit, x_refsource_EXPLOIT-DB
	http://marc.info/?l=bugtraq&m=141383026420882&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141585637922673&w=2	vendor-advisory, x_refsource_HP
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=141576728022234&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21685541	x_refsource_CONFIRM
	http://secunia.com/advisories/61715	third-party-advisory, x_refsource_SECUNIA
	http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61816	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61442	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142358078406056&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142805027510172&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61283	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142113462216480&w=2	vendor-advisory, x_refsource_HP
	http://www.ubuntu.com/usn/USN-2362-1	vendor-advisory, x_refsource_UBUNTU
	https://kc.mcafee.com/corporate/index?page=content&id=SB10085	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61654	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61542	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/support/kb/doc.php?id=7015701	x_refsource_CONFIRM
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315	x_refsource_CONFIRM
	http://secunia.com/advisories/62312	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59272	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141319209015420&w=2	vendor-advisory, x_refsource_HP
	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21685604	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61703	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT6495	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/252743	third-party-advisory, x_refsource_CERT-VN
	http://secunia.com/advisories/61065	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=141383196021590&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141383081521087&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21686445	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686131	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/70103	vdb-entry, x_refsource_BID
	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126	third-party-advisory, x_refsource_JVNDB
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://www.us-cert.gov/ncas/alerts/TA14-268A	third-party-advisory, x_refsource_CERT
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61641	third-party-advisory, x_refsource_SECUNIA
	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648	x_refsource_CONFIRM
	https://access.redhat.com/node/1200223	x_refsource_CONFIRM
	http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898	x_refsource_CONFIRM
	http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html	vendor-advisory, x_refsource_APPLE
	http://www-01.ibm.com/support/docview.wss?uid=swg21685914	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2014/Oct/0	mailing-list, x_refsource_FULLDISC
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:164	vendor-advisory, x_refsource_MANDRIVA
	http://rhn.redhat.com/errata/RHSA-2014-1293.html	vendor-advisory, x_refsource_REDHAT
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60325	third-party-advisory, x_refsource_SECUNIA
	https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes	x_refsource_CONFIRM
	http://secunia.com/advisories/60024	third-party-advisory, x_refsource_SECUNIA
	http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html	x_refsource_MISC
	https://www.exploit-db.com/exploits/34879/	exploit, x_refsource_EXPLOIT-DB
	https://access.redhat.com/articles/1200223	x_refsource_CONFIRM
	http://secunia.com/advisories/62343	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61565	third-party-advisory, x_refsource_SECUNIA
	https://www.suse.com/support/shellshock/	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141450491804793&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61313	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61873	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61485	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60947	third-party-advisory, x_refsource_SECUNIA
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183	x_refsource_CONFIRM
	https://support.apple.com/kb/HT6535	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141577297623641&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142546741516006&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383244821813&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61312	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60193	third-party-advisory, x_refsource_SECUNIA
	http://www.vmware.com/security/advisories/VMSA-2014-0010.html	x_refsource_CONFIRM
	http://linux.oracle.com/errata/ELSA-2014-1294.html	x_refsource_CONFIRM
	http://secunia.com/advisories/60063	third-party-advisory, x_refsource_SECUNIA
	http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html	x_refsource_MISC
	http://secunia.com/advisories/60034	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141330425327438&w=2	vendor-advisory, x_refsource_HP
	http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html	x_refsource_MISC
	http://secunia.com/advisories/59907	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58200	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141577241923505&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61643	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/support/kb/doc.php?id=7015721	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21687079	x_refsource_CONFIRM
	http://secunia.com/advisories/61503	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21686246	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-1354.html	vendor-advisory, x_refsource_REDHAT
	https://www.exploit-db.com/exploits/40938/	exploit, x_refsource_EXPLOIT-DB
	http://marc.info/?l=bugtraq&m=141216207813411&w=2	vendor-advisory, x_refsource_HP
	http://support.novell.com/security/cve/CVE-2014-6271.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915	x_refsource_CONFIRM
	http://secunia.com/advisories/61547	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383465822787&w=2	vendor-advisory, x_refsource_HP
	http://www.qnap.com/i/en/support/con_show.php?cid=61	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141694386919794&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61552	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61780	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279	x_refsource_CONFIRM
	https://support.citrix.com/article/CTX200223	x_refsource_CONFIRM
	http://www.debian.org/security/2014/dsa-3032	vendor-advisory, x_refsource_DEBIAN
	http://www-01.ibm.com/support/docview.wss?uid=swg21686447	x_refsource_CONFIRM
	http://secunia.com/advisories/62228	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141330468527613&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61855	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141235957116749&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60044	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61291	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2014-1294.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=141345648114150&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59737	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61287	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383353622268&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	https://bugzilla.redhat.com/show_bug.cgi?id=1141597	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61711	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142113462216480&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383304022067&w=2	vendor-advisory, x_refsource_HP
	http://advisories.mageia.org/MGASA-2014-0388.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61128	third-party-advisory, x_refsource_SECUNIA
	https://support.citrix.com/article/CTX200217	x_refsource_CONFIRM
	http://secunia.com/advisories/61471	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60055	third-party-advisory, x_refsource_SECUNIA
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash	vendor-advisory, x_refsource_CISCO
	http://secunia.com/advisories/61550	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61633	third-party-advisory, x_refsource_SECUNIA
	http://linux.oracle.com/errata/ELSA-2014-1293.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686494	x_refsource_CONFIRM
	https://kb.bluecoat.com/index?page=content&id=SA82	x_refsource_CONFIRM
	http://secunia.com/advisories/61328	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21685733	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/42938/	exploit, x_refsource_EXPLOIT-DB
	http://secunia.com/advisories/61129	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61700	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61603	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61857	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879	x_refsource_CONFIRM
	http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html	x_refsource_MISC
	https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:10:13.276Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "37816",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/37816/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
          },
          {
            "name": "SUSE-SU-2014:1223",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
          },
          {
            "name": "HPSBMU03165",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
          },
          {
            "name": "SSRT101816",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
          },
          {
            "name": "39918",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39918/"
          },
          {
            "name": "HPSBHF03119",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
          },
          {
            "name": "RHSA-2014:1295",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
          },
          {
            "name": "openSUSE-SU-2014:1226",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
          },
          {
            "name": "HPSBST03131",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
          },
          {
            "name": "SSRT101819",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
          },
          {
            "name": "HPSBMU03245",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
          },
          {
            "name": "HPSBST03196",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
          },
          {
            "name": "61188",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61188"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
          },
          {
            "name": "JVN#55667175",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
          },
          {
            "name": "61676",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61676"
          },
          {
            "name": "40619",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/40619/"
          },
          {
            "name": "openSUSE-SU-2014:1254",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
          },
          {
            "name": "60433",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60433"
          },
          {
            "name": "38849",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/38849/"
          },
          {
            "name": "HPSBMU03143",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
          },
          {
            "name": "HPSBMU03182",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
          },
          {
            "name": "SUSE-SU-2014:1260",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
          },
          {
            "name": "HPSBST03155",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
          },
          {
            "name": "61715",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61715"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
          },
          {
            "name": "61816",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61816"
          },
          {
            "name": "openSUSE-SU-2014:1310",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
          },
          {
            "name": "61442",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61442"
          },
          {
            "name": "HPSBMU03246",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
          },
          {
            "name": "HPSBST03195",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
          },
          {
            "name": "61283",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61283"
          },
          {
            "name": "SSRT101711",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
          },
          {
            "name": "USN-2362-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2362-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
          },
          {
            "name": "openSUSE-SU-2014:1308",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
          },
          {
            "name": "61654",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61654"
          },
          {
            "name": "61542",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61542"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
          },
          {
            "name": "62312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62312"
          },
          {
            "name": "59272",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59272"
          },
          {
            "name": "HPSBST03122",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
          },
          {
            "name": "HPSBMU03217",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
          },
          {
            "name": "SSRT101868",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61703",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61703"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6495"
          },
          {
            "name": "VU#252743",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/252743"
          },
          {
            "name": "61065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61065"
          },
          {
            "name": "SUSE-SU-2014:1213",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
          },
          {
            "name": "HPSBST03129",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
          },
          {
            "name": "HPSBMU03144",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
          },
          {
            "name": "70103",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70103"
          },
          {
            "name": "JVNDB-2014-000126",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
          },
          {
            "name": "SSRT101827",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "TA14-268A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
          },
          {
            "name": "SUSE-SU-2014:1212",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
          },
          {
            "name": "61641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61641"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/node/1200223"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
          },
          {
            "name": "SUSE-SU-2014:1287",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
          },
          {
            "name": "APPLE-SA-2014-10-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
          },
          {
            "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
          },
          {
            "name": "MDVSA-2015:164",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
          },
          {
            "name": "RHSA-2014:1293",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
          },
          {
            "name": "openSUSE-SU-2014:1238",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
          },
          {
            "name": "HPSBMU03220",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "60325",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60325"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
          },
          {
            "name": "60024",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60024"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
          },
          {
            "name": "34879",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/34879/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/articles/1200223"
          },
          {
            "name": "62343",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62343"
          },
          {
            "name": "61565",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61565"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.suse.com/support/shellshock/"
          },
          {
            "name": "HPSBST03157",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
          },
          {
            "name": "61313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61313"
          },
          {
            "name": "SSRT101742",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "61873",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61873"
          },
          {
            "name": "61485",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61485"
          },
          {
            "name": "60947",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60947"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6535"
          },
          {
            "name": "HPSBST03154",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
          },
          {
            "name": "HPSBST03265",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
          },
          {
            "name": "HPSBGN03142",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
          },
          {
            "name": "61312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61312"
          },
          {
            "name": "60193",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
          },
          {
            "name": "60063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60063"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
          },
          {
            "name": "60034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60034"
          },
          {
            "name": "HPSBMU03133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
          },
          {
            "name": "59907",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59907"
          },
          {
            "name": "58200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58200"
          },
          {
            "name": "HPSBST03181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
          },
          {
            "name": "61643",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61643"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
          },
          {
            "name": "61503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61503"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
          },
          {
            "name": "RHSA-2014:1354",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
          },
          {
            "name": "40938",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/40938/"
          },
          {
            "name": "HPSBGN03117",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
          },
          {
            "name": "61547",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61547"
          },
          {
            "name": "HPSBHF03145",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
          },
          {
            "name": "HPSBST03148",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
          },
          {
            "name": "61552",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61552"
          },
          {
            "name": "61780",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61780"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200223"
          },
          {
            "name": "DSA-3032",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3032"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
          },
          {
            "name": "62228",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62228"
          },
          {
            "name": "HPSBGN03138",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
          },
          {
            "name": "61855",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61855"
          },
          {
            "name": "HPSBHF03124",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
          },
          {
            "name": "60044",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60044"
          },
          {
            "name": "61291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61291"
          },
          {
            "name": "RHSA-2014:1294",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
          },
          {
            "name": "HPSBHF03125",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
          },
          {
            "name": "59737",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59737"
          },
          {
            "name": "61287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61287"
          },
          {
            "name": "HPSBHF03146",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
          },
          {
            "name": "HPSBGN03233",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
          },
          {
            "name": "SSRT101739",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61711",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61711"
          },
          {
            "name": "HPSBOV03228",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
          },
          {
            "name": "HPSBGN03141",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2014-0388.html"
          },
          {
            "name": "61128",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61128"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200217"
          },
          {
            "name": "61471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61471"
          },
          {
            "name": "60055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60055"
          },
          {
            "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
          },
          {
            "name": "61550",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61550"
          },
          {
            "name": "61633",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61633"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
          },
          {
            "name": "61328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
          },
          {
            "name": "42938",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/42938/"
          },
          {
            "name": "61129",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61129"
          },
          {
            "name": "61700",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61700"
          },
          {
            "name": "61603",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61603"
          },
          {
            "name": "61857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2014-6271",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T13:45:49.549420Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-01-28",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6271"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-78",
                "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:46:49.578Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2022-01-28T00:00:00+00:00",
            "value": "CVE-2014-6271 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\"  NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-05T16:37:05.000Z",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "37816",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/37816/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
        },
        {
          "name": "SUSE-SU-2014:1223",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
        },
        {
          "name": "HPSBMU03165",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
        },
        {
          "name": "SSRT101816",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
        },
        {
          "name": "39918",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39918/"
        },
        {
          "name": "HPSBHF03119",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
        },
        {
          "name": "RHSA-2014:1295",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
        },
        {
          "name": "openSUSE-SU-2014:1226",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
        },
        {
          "name": "HPSBST03131",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
        },
        {
          "name": "SSRT101819",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
        },
        {
          "name": "HPSBMU03245",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
        },
        {
          "name": "HPSBST03196",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
        },
        {
          "name": "61188",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61188"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
        },
        {
          "name": "JVN#55667175",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
        },
        {
          "name": "61676",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61676"
        },
        {
          "name": "40619",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/40619/"
        },
        {
          "name": "openSUSE-SU-2014:1254",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
        },
        {
          "name": "60433",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60433"
        },
        {
          "name": "38849",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/38849/"
        },
        {
          "name": "HPSBMU03143",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
        },
        {
          "name": "HPSBMU03182",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
        },
        {
          "name": "SUSE-SU-2014:1260",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
        },
        {
          "name": "HPSBST03155",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
        },
        {
          "name": "61715",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61715"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
        },
        {
          "name": "61816",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61816"
        },
        {
          "name": "openSUSE-SU-2014:1310",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
        },
        {
          "name": "61442",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61442"
        },
        {
          "name": "HPSBMU03246",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
        },
        {
          "name": "HPSBST03195",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
        },
        {
          "name": "61283",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61283"
        },
        {
          "name": "SSRT101711",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
        },
        {
          "name": "USN-2362-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2362-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
        },
        {
          "name": "openSUSE-SU-2014:1308",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
        },
        {
          "name": "61654",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61654"
        },
        {
          "name": "61542",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61542"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
        },
        {
          "name": "62312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62312"
        },
        {
          "name": "59272",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59272"
        },
        {
          "name": "HPSBST03122",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
        },
        {
          "name": "HPSBMU03217",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
        },
        {
          "name": "SSRT101868",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61703",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61703"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6495"
        },
        {
          "name": "VU#252743",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/252743"
        },
        {
          "name": "61065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61065"
        },
        {
          "name": "SUSE-SU-2014:1213",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
        },
        {
          "name": "HPSBST03129",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
        },
        {
          "name": "HPSBMU03144",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
        },
        {
          "name": "70103",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70103"
        },
        {
          "name": "JVNDB-2014-000126",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
        },
        {
          "name": "SSRT101827",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "TA14-268A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
        },
        {
          "name": "SUSE-SU-2014:1212",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
        },
        {
          "name": "61641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61641"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/node/1200223"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
        },
        {
          "name": "SUSE-SU-2014:1287",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
        },
        {
          "name": "APPLE-SA-2014-10-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
        },
        {
          "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
        },
        {
          "name": "MDVSA-2015:164",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
        },
        {
          "name": "RHSA-2014:1293",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
        },
        {
          "name": "openSUSE-SU-2014:1238",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
        },
        {
          "name": "HPSBMU03220",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "60325",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60325"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
        },
        {
          "name": "60024",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60024"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
        },
        {
          "name": "34879",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/34879/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/articles/1200223"
        },
        {
          "name": "62343",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62343"
        },
        {
          "name": "61565",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61565"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.suse.com/support/shellshock/"
        },
        {
          "name": "HPSBST03157",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
        },
        {
          "name": "61313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61313"
        },
        {
          "name": "SSRT101742",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "61873",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61873"
        },
        {
          "name": "61485",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61485"
        },
        {
          "name": "60947",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60947"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6535"
        },
        {
          "name": "HPSBST03154",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
        },
        {
          "name": "HPSBST03265",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
        },
        {
          "name": "HPSBGN03142",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
        },
        {
          "name": "61312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61312"
        },
        {
          "name": "60193",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
        },
        {
          "name": "60063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60063"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
        },
        {
          "name": "60034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60034"
        },
        {
          "name": "HPSBMU03133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
        },
        {
          "name": "59907",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59907"
        },
        {
          "name": "58200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58200"
        },
        {
          "name": "HPSBST03181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
        },
        {
          "name": "61643",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61643"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
        },
        {
          "name": "61503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61503"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
        },
        {
          "name": "RHSA-2014:1354",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
        },
        {
          "name": "40938",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/40938/"
        },
        {
          "name": "HPSBGN03117",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
        },
        {
          "name": "61547",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61547"
        },
        {
          "name": "HPSBHF03145",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
        },
        {
          "name": "HPSBST03148",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
        },
        {
          "name": "61552",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61552"
        },
        {
          "name": "61780",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61780"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200223"
        },
        {
          "name": "DSA-3032",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3032"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
        },
        {
          "name": "62228",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62228"
        },
        {
          "name": "HPSBGN03138",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
        },
        {
          "name": "61855",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61855"
        },
        {
          "name": "HPSBHF03124",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
        },
        {
          "name": "60044",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60044"
        },
        {
          "name": "61291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61291"
        },
        {
          "name": "RHSA-2014:1294",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
        },
        {
          "name": "HPSBHF03125",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
        },
        {
          "name": "59737",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59737"
        },
        {
          "name": "61287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61287"
        },
        {
          "name": "HPSBHF03146",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
        },
        {
          "name": "HPSBGN03233",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
        },
        {
          "name": "SSRT101739",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61711",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61711"
        },
        {
          "name": "HPSBOV03228",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
        },
        {
          "name": "HPSBGN03141",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2014-0388.html"
        },
        {
          "name": "61128",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61128"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200217"
        },
        {
          "name": "61471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61471"
        },
        {
          "name": "60055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60055"
        },
        {
          "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
        },
        {
          "name": "61550",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61550"
        },
        {
          "name": "61633",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61633"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
        },
        {
          "name": "61328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
        },
        {
          "name": "42938",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/42938/"
        },
        {
          "name": "61129",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61129"
        },
        {
          "name": "61700",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61700"
        },
        {
          "name": "61603",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61603"
        },
        {
          "name": "61857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2014-6271",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\"  NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "37816",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/37816/"
            },
            {
              "name": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
            },
            {
              "name": "SUSE-SU-2014:1223",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
            },
            {
              "name": "HPSBMU03165",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
            },
            {
              "name": "SSRT101816",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
            },
            {
              "name": "39918",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/39918/"
            },
            {
              "name": "HPSBHF03119",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
            },
            {
              "name": "RHSA-2014:1295",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
            },
            {
              "name": "openSUSE-SU-2014:1226",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
            },
            {
              "name": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/",
              "refsource": "CONFIRM",
              "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
            },
            {
              "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts",
              "refsource": "CONFIRM",
              "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
            },
            {
              "name": "HPSBST03131",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
            },
            {
              "name": "SSRT101819",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
            },
            {
              "name": "HPSBMU03245",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
            },
            {
              "name": "HPSBST03196",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
            },
            {
              "name": "61188",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61188"
            },
            {
              "name": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
              "refsource": "CONFIRM",
              "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
            },
            {
              "name": "JVN#55667175",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
            },
            {
              "name": "61676",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61676"
            },
            {
              "name": "40619",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/40619/"
            },
            {
              "name": "openSUSE-SU-2014:1254",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
            },
            {
              "name": "60433",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60433"
            },
            {
              "name": "38849",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/38849/"
            },
            {
              "name": "HPSBMU03143",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
            },
            {
              "name": "HPSBMU03182",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
            },
            {
              "name": "SUSE-SU-2014:1260",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
            },
            {
              "name": "HPSBST03155",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
            },
            {
              "name": "61715",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61715"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
            },
            {
              "name": "61816",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61816"
            },
            {
              "name": "openSUSE-SU-2014:1310",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
            },
            {
              "name": "61442",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61442"
            },
            {
              "name": "HPSBMU03246",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
            },
            {
              "name": "HPSBST03195",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
            },
            {
              "name": "61283",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61283"
            },
            {
              "name": "SSRT101711",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
            },
            {
              "name": "USN-2362-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2362-1"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
            },
            {
              "name": "openSUSE-SU-2014:1308",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
            },
            {
              "name": "61654",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61654"
            },
            {
              "name": "61542",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61542"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015701",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
            },
            {
              "name": "62312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62312"
            },
            {
              "name": "59272",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59272"
            },
            {
              "name": "HPSBST03122",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
            },
            {
              "name": "HPSBMU03217",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
            },
            {
              "name": "SSRT101868",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61703",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61703"
            },
            {
              "name": "http://support.apple.com/kb/HT6495",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6495"
            },
            {
              "name": "VU#252743",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/252743"
            },
            {
              "name": "61065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61065"
            },
            {
              "name": "SUSE-SU-2014:1213",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
            },
            {
              "name": "HPSBST03129",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
            },
            {
              "name": "HPSBMU03144",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
            },
            {
              "name": "70103",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70103"
            },
            {
              "name": "JVNDB-2014-000126",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
            },
            {
              "name": "SSRT101827",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "TA14-268A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
            },
            {
              "name": "SUSE-SU-2014:1212",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
            },
            {
              "name": "61641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61641"
            },
            {
              "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
            },
            {
              "name": "https://access.redhat.com/node/1200223",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/node/1200223"
            },
            {
              "name": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
            },
            {
              "name": "SUSE-SU-2014:1287",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
            },
            {
              "name": "APPLE-SA-2014-10-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
            },
            {
              "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
            },
            {
              "name": "MDVSA-2015:164",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
            },
            {
              "name": "RHSA-2014:1293",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
            },
            {
              "name": "openSUSE-SU-2014:1238",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
            },
            {
              "name": "HPSBMU03220",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "60325",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60325"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
            },
            {
              "name": "60024",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60024"
            },
            {
              "name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
            },
            {
              "name": "34879",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/34879/"
            },
            {
              "name": "https://access.redhat.com/articles/1200223",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/articles/1200223"
            },
            {
              "name": "62343",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62343"
            },
            {
              "name": "61565",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61565"
            },
            {
              "name": "https://www.suse.com/support/shellshock/",
              "refsource": "CONFIRM",
              "url": "https://www.suse.com/support/shellshock/"
            },
            {
              "name": "HPSBST03157",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
            },
            {
              "name": "61313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61313"
            },
            {
              "name": "SSRT101742",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "61873",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61873"
            },
            {
              "name": "61485",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61485"
            },
            {
              "name": "60947",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60947"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
            },
            {
              "name": "https://support.apple.com/kb/HT6535",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6535"
            },
            {
              "name": "HPSBST03154",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
            },
            {
              "name": "HPSBST03265",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
            },
            {
              "name": "HPSBGN03142",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
            },
            {
              "name": "61312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61312"
            },
            {
              "name": "60193",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60193"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-1294.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
            },
            {
              "name": "60063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60063"
            },
            {
              "name": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
            },
            {
              "name": "60034",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60034"
            },
            {
              "name": "HPSBMU03133",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
            },
            {
              "name": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html",
              "refsource": "MISC",
              "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
            },
            {
              "name": "59907",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59907"
            },
            {
              "name": "58200",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58200"
            },
            {
              "name": "HPSBST03181",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
            },
            {
              "name": "61643",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61643"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015721",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
            },
            {
              "name": "61503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61503"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
            },
            {
              "name": "RHSA-2014:1354",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
            },
            {
              "name": "40938",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/40938/"
            },
            {
              "name": "HPSBGN03117",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
            },
            {
              "name": "http://support.novell.com/security/cve/CVE-2014-6271.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
            },
            {
              "name": "61547",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61547"
            },
            {
              "name": "HPSBHF03145",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
            },
            {
              "name": "http://www.qnap.com/i/en/support/con_show.php?cid=61",
              "refsource": "CONFIRM",
              "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
            },
            {
              "name": "HPSBST03148",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
            },
            {
              "name": "61552",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61552"
            },
            {
              "name": "61780",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61780"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
            },
            {
              "name": "https://support.citrix.com/article/CTX200223",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200223"
            },
            {
              "name": "DSA-3032",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-3032"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
            },
            {
              "name": "62228",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62228"
            },
            {
              "name": "HPSBGN03138",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
            },
            {
              "name": "61855",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61855"
            },
            {
              "name": "HPSBHF03124",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
            },
            {
              "name": "60044",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60044"
            },
            {
              "name": "61291",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61291"
            },
            {
              "name": "RHSA-2014:1294",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
            },
            {
              "name": "HPSBHF03125",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
            },
            {
              "name": "59737",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59737"
            },
            {
              "name": "61287",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61287"
            },
            {
              "name": "HPSBHF03146",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
            },
            {
              "name": "HPSBGN03233",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
            },
            {
              "name": "SSRT101739",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61711",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61711"
            },
            {
              "name": "HPSBOV03228",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
            },
            {
              "name": "HPSBGN03141",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
            },
            {
              "name": "http://advisories.mageia.org/MGASA-2014-0388.html",
              "refsource": "CONFIRM",
              "url": "http://advisories.mageia.org/MGASA-2014-0388.html"
            },
            {
              "name": "61128",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61128"
            },
            {
              "name": "https://support.citrix.com/article/CTX200217",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200217"
            },
            {
              "name": "61471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61471"
            },
            {
              "name": "60055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60055"
            },
            {
              "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
            },
            {
              "name": "61550",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61550"
            },
            {
              "name": "61633",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61633"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-1293.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
            },
            {
              "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82",
              "refsource": "CONFIRM",
              "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
            },
            {
              "name": "61328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61328"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
            },
            {
              "name": "42938",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/42938/"
            },
            {
              "name": "61129",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61129"
            },
            {
              "name": "61700",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61700"
            },
            {
              "name": "61603",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61603"
            },
            {
              "name": "61857",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61857"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
            },
            {
              "name": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
            },
            {
              "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006",
              "refsource": "MISC",
              "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2014-6271",
    "datePublished": "2014-09-24T18:00:00.000Z",
    "dateReserved": "2014-09-09T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:46:49.578Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-0224 (GCVE-0-2014-0224)

Vulnerability from cvelistv5

Published

2014-06-05 21:00

Modified

2024-08-06 09:05

Severity ?

CWE

n/a

Summary

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability.

References

URL

Tags

	http://secunia.com/advisories/59342	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59669	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59525	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140604261522465&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59004	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59530	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21675626	x_refsource_CONFIRM
	http://secunia.com/advisories/59824	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59282	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/support/kb/doc.php?id=7015300	x_refsource_CONFIRM
	http://secunia.com/advisories/59215	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=1103586	x_refsource_CONFIRM
	http://secunia.com/advisories/59990	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59264	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59454	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58492	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59186	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59188	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59126	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140672208601650&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=140784085708882&w=2	vendor-advisory, x_refsource_HP
	http://www.novell.com/support/kb/doc.php?id=7015264	x_refsource_CONFIRM
	http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html	x_refsource_CONFIRM
	http://secunia.com/advisories/59306	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2014-0627.html	vendor-advisory, x_refsource_REDHAT
	http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140544599631400&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-0626.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/59190	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58639	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21678289	x_refsource_CONFIRM
	http://www.ibm.com/support/docview.wss?uid=swg21676877	x_refsource_CONFIRM
	http://secunia.com/advisories/59446	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59529	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59445	third-party-advisory, x_refsource_SECUNIA
	http://www.vmware.com/security/advisories/VMSA-2014-0012.html	x_refsource_CONFIRM
	http://secunia.com/advisories/59589	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59894	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59325	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59354	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg24037729	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21677131	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140266410314613&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61254	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21678233	x_refsource_CONFIRM
	http://secunia.com/advisories/59447	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id/1031594	vdb-entry, x_refsource_SECTRACK
	http://www-01.ibm.com/support/docview.wss?uid=swg21676655	x_refsource_CONFIRM
	http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E	x_refsource_CONFIRM
	http://secunia.com/advisories/59223	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58743	third-party-advisory, x_refsource_SECUNIA
	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html	x_refsource_CONFIRM
	http://secunia.com/advisories/58719	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59449	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59132	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142350350616251&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg400001843	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140870499402361&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=140386311427810&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59442	third-party-advisory, x_refsource_SECUNIA
	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140317760000786&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142805027510172&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21676879	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg24037761	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21677828	x_refsource_CONFIRM
	http://secunia.com/advisories/59441	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140621259019789&w=2	vendor-advisory, x_refsource_HP
	http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140852757108392&w=2	vendor-advisory, x_refsource_HP
	https://filezilla-project.org/versions.php?type=server	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21676786	x_refsource_CONFIRM
	http://secunia.com/advisories/60567	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59189	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59368	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2014:106	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/59142	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676478	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21676845	x_refsource_CONFIRM
	http://secunia.com/advisories/58742	third-party-advisory, x_refsource_SECUNIA
	https://www.ibm.com/support/docview.wss?uid=ssg1S1004670	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-0624.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/59602	third-party-advisory, x_refsource_SECUNIA
	http://www.kerio.com/support/kerio-control/release-history	x_refsource_CONFIRM
	http://secunia.com/advisories/59300	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58930	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21677080	x_refsource_CONFIRM
	http://secunia.com/advisories/61815	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58667	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-201407-05.xml	vendor-advisory, x_refsource_GENTOO
	http://www-01.ibm.com/support/docview.wss?uid=swg21677390	x_refsource_CONFIRM
	http://secunia.com/advisories/59191	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59284	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59444	third-party-advisory, x_refsource_SECUNIA
	https://www.imperialviolet.org/2014/06/05/earlyccs.html	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg24037783	x_refsource_CONFIRM
	http://secunia.com/advisories/59365	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21677695	x_refsource_CONFIRM
	http://secunia.com/advisories/59305	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676529	x_refsource_CONFIRM
	http://secunia.com/advisories/59483	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58385	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/534161/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/59495	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21676889	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/58945	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=isg400001841	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141025641601169&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59659	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59440	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/59429	third-party-advisory, x_refsource_SECUNIA
	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	x_refsource_CONFIRM
	http://secunia.com/advisories/59655	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59370	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59827	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58660	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59163	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58716	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59055	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676071	x_refsource_CONFIRM
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21677836	x_refsource_CONFIRM
	http://secunia.com/advisories/59437	third-party-advisory, x_refsource_SECUNIA
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754	x_refsource_CONFIRM
	http://secunia.com/advisories/60176	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141147110427269&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59101	third-party-advisory, x_refsource_SECUNIA
	http://esupport.trendmicro.com/solution/en-US/1103813.aspx	x_refsource_CONFIRM
	http://secunia.com/advisories/59374	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59063	third-party-advisory, x_refsource_SECUNIA
	http://www.vmware.com/security/advisories/VMSA-2014-0006.html	x_refsource_CONFIRM
	https://discussions.nessus.org/thread/7517	x_refsource_CONFIRM
	http://secunia.com/advisories/59310	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676501	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142350350616251&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21676536	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	x_refsource_CONFIRM
	http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV61506	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/59502	third-party-advisory, x_refsource_SECUNIA
	http://www.splunk.com/view/SP-CAAAM2D	x_refsource_CONFIRM
	http://secunia.com/advisories/59878	third-party-advisory, x_refsource_SECUNIA
	http://www.fortiguard.com/advisory/FG-IR-14-018/	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=140852826008699&w=2	vendor-advisory, x_refsource_HP
	http://www.ibm.com/support/docview.wss?uid=swg21676793	x_refsource_CONFIRM
	http://secunia.com/advisories/59214	third-party-advisory, x_refsource_SECUNIA
	http://www.ibm.com/support/docview.wss?uid=swg21676356	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140794476212181&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=140389274407904&w=2	vendor-advisory, x_refsource_HP
	http://support.citrix.com/article/CTX140876	x_refsource_CONFIRM
	http://secunia.com/advisories/59167	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59120	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg24037732	x_refsource_CONFIRM
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=nas8N1020172	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140369637402535&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59380	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2014:105	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/59460	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59506	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58939	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140266410314613&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59661	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59514	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59677	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2014-0630.html	vendor-advisory, x_refsource_REDHAT
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl	vendor-advisory, x_refsource_CISCO
	http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-0632.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg24037730	x_refsource_CONFIRM
	https://kc.mcafee.com/corporate/index?page=content&id=SB10075	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg24037731	x_refsource_CONFIRM
	http://secunia.com/advisories/58745	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676419	x_refsource_CONFIRM
	http://secunia.com/advisories/59438	third-party-advisory, x_refsource_SECUNIA
	http://www.ibm.com/support/docview.wss?uid=isg3T1020948	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21676496	x_refsource_CONFIRM
	http://secunia.com/advisories/58714	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140482916501310&w=2	vendor-advisory, x_refsource_HP
	http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html	vendor-advisory, x_refsource_SUSE
	http://ccsinjection.lepidum.co.jp	x_refsource_MISC
	http://secunia.com/advisories/59435	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141658880509699&w=2	vendor-advisory, x_refsource_HP
	http://www.openssl.org/news/secadv_20140605.txt	x_refsource_CONFIRM
	http://secunia.com/advisories/58615	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142546741516006&w=2	vendor-advisory, x_refsource_HP
	http://seclists.org/fulldisclosure/2014/Dec/23	mailing-list, x_refsource_FULLDISC
	http://www-01.ibm.com/support/docview.wss?uid=swg21676644	x_refsource_CONFIRM
	http://secunia.com/advisories/59231	third-party-advisory, x_refsource_SECUNIA
	https://www.ibm.com/support/docview.wss?uid=ssg1S1004671	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html	vendor-advisory, x_refsource_SUSE
	http://support.apple.com/kb/HT6443	x_refsource_CONFIRM
	http://secunia.com/advisories/59211	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58433	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60066	third-party-advisory, x_refsource_SECUNIA
	http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html	x_refsource_CONFIRM
	https://access.redhat.com/site/blogs/766093/posts/908133	x_refsource_CONFIRM
	http://secunia.com/advisories/59301	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60522	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59784	third-party-advisory, x_refsource_SECUNIA
	https://kb.bluecoat.com/index?page=content&id=SA80	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383410222440&w=2	vendor-advisory, x_refsource_HP
	http://seclists.org/fulldisclosure/2014/Jun/38	mailing-list, x_refsource_FULLDISC
	http://marc.info/?l=bugtraq&m=140904544427729&w=2	vendor-advisory, x_refsource_HP
	http://www.f-secure.com/en/web/labs_global/fsc-2014-6	x_refsource_CONFIRM
	http://secunia.com/advisories/59135	third-party-advisory, x_refsource_SECUNIA
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21678167	x_refsource_CONFIRM
	http://secunia.com/advisories/58759	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59093	third-party-advisory, x_refsource_SECUNIA
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095740	x_refsource_CONFIRM
	http://puppetlabs.com/security/cve/cve-2014-0224	x_refsource_CONFIRM
	http://secunia.com/advisories/59192	third-party-advisory, x_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html	vendor-advisory, x_refsource_FEDORA
	http://marc.info/?l=bugtraq&m=140752315422991&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/58579	third-party-advisory, x_refsource_SECUNIA
	https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_SNARE_for_MSSQL.pdf	x_refsource_CONFIRM
	http://secunia.com/advisories/59040	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140389355508263&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59175	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60819	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140448122410568&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59666	third-party-advisory, x_refsource_SECUNIA
	http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download	x_refsource_CONFIRM
	http://secunia.com/advisories/58128	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140431828824371&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59413	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676334	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21675821	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg24037870	x_refsource_CONFIRM
	http://secunia.com/advisories/59721	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383465822787&w=2	vendor-advisory, x_refsource_HP
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-0680.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21676062	x_refsource_CONFIRM
	http://secunia.com/advisories/59012	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58713	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21673137	x_refsource_CONFIRM
	http://secunia.com/advisories/59362	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:062	vendor-advisory, x_refsource_MANDRIVA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676035	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140499864129699&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-0631.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/59338	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59450	third-party-advisory, x_refsource_SECUNIA
	http://linux.oracle.com/errata/ELSA-2014-1053.html	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/978508	third-party-advisory, x_refsource_CERT-VN
	http://www.securitytracker.com/id/1031032	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/59287	third-party-advisory, x_refsource_SECUNIA
	https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21683332	x_refsource_CONFIRM
	http://secunia.com/advisories/59491	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59364	third-party-advisory, x_refsource_SECUNIA
	https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues	x_refsource_CONFIRM
	http://secunia.com/advisories/59451	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58977	third-party-advisory, x_refsource_SECUNIA
	https://www.novell.com/support/kb/doc.php?id=7015271	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21676333	x_refsource_CONFIRM
	http://secunia.com/advisories/60571	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59459	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676833	x_refsource_CONFIRM
	http://secunia.com/advisories/60577	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59448	third-party-advisory, x_refsource_SECUNIA
	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=bc8923b1ec9c467755cd86f7848c50ee8812e441	x_refsource_CONFIRM
	https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_Snare_for_Windows.pdf	x_refsource_CONFIRM
	http://www.blackberry.com/btsc/KB36051	x_refsource_CONFIRM
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755	x_refsource_CONFIRM
	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141164638606214&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004690	x_refsource_CONFIRM
	http://secunia.com/advisories/59885	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21677527	x_refsource_CONFIRM
	http://secunia.com/advisories/59202	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2014-0633.html	vendor-advisory, x_refsource_REDHAT
	http://www.ibm.com/support/docview.wss?uid=ssg1S1004678	x_refsource_CONFIRM
	http://secunia.com/advisories/59375	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=140983229106599&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59528	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58337	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59518	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59389	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59162	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59383	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21677567	x_refsource_CONFIRM
	http://kb.juniper.net/InfoCenter/index?page=content&id=KB29217	x_refsource_CONFIRM
	http://secunia.com/advisories/59490	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59916	third-party-advisory, x_refsource_SECUNIA
	http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=140491231331543&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg24037727	x_refsource_CONFIRM
	http://www.ibm.com/support/docview.wss?uid=swg1IT02314	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/59043	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59347	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60049	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21676615	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf	x_refsource_CONFIRM
	https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:05:39.462Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "59342",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59342"
          },
          {
            "name": "59669",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59669"
          },
          {
            "name": "59525",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59525"
          },
          {
            "name": "HPSBMU03071",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140604261522465\u0026w=2"
          },
          {
            "name": "59004",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59004"
          },
          {
            "name": "59530",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59530"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675626"
          },
          {
            "name": "59824",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59824"
          },
          {
            "name": "59282",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59282"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015300"
          },
          {
            "name": "59215",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59215"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103586"
          },
          {
            "name": "59990",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59990"
          },
          {
            "name": "59264",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59264"
          },
          {
            "name": "59454",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59454"
          },
          {
            "name": "58492",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58492"
          },
          {
            "name": "59186",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59186"
          },
          {
            "name": "59188",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59188"
          },
          {
            "name": "59126",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59126"
          },
          {
            "name": "HPSBMU03078",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140672208601650\u0026w=2"
          },
          {
            "name": "HPSBMU03089",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140784085708882\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015264"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html"
          },
          {
            "name": "59306",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59306"
          },
          {
            "name": "RHSA-2014:0627",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0627.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
          },
          {
            "name": "HPSBGN03068",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140544599631400\u0026w=2"
          },
          {
            "name": "RHSA-2014:0626",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0626.html"
          },
          {
            "name": "59190",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59190"
          },
          {
            "name": "58639",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58639"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21676877"
          },
          {
            "name": "59446",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59446"
          },
          {
            "name": "59529",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59529"
          },
          {
            "name": "59445",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59445"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
          },
          {
            "name": "59589",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59589"
          },
          {
            "name": "59894",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59894"
          },
          {
            "name": "59325",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59325"
          },
          {
            "name": "59354",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59354"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037729"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677131"
          },
          {
            "name": "HPSBUX03046",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
          },
          {
            "name": "61254",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61254"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678233"
          },
          {
            "name": "59447",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59447"
          },
          {
            "name": "1031594",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1031594"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6061\u0026myns=phmc\u0026mync=E"
          },
          {
            "name": "59223",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59223"
          },
          {
            "name": "58743",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58743"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "name": "58719",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58719"
          },
          {
            "name": "59449",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59449"
          },
          {
            "name": "59132",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59132"
          },
          {
            "name": "SSRT101818",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
          },
          {
            "name": "HPSBST03098",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140870499402361\u0026w=2"
          },
          {
            "name": "HPSBMU03058",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140386311427810\u0026w=2"
          },
          {
            "name": "59442",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59442"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
          },
          {
            "name": "HPSBOV03047",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
          },
          {
            "name": "HPSBST03195",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037761"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
          },
          {
            "name": "59441",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59441"
          },
          {
            "name": "HPSBMU03074",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf"
          },
          {
            "name": "HPSBMU03094",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140852757108392\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://filezilla-project.org/versions.php?type=server"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676786"
          },
          {
            "name": "60567",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60567"
          },
          {
            "name": "59189",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59189"
          },
          {
            "name": "59368",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59368"
          },
          {
            "name": "MDVSA-2014:106",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106"
          },
          {
            "name": "59142",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59142"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676478"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676845"
          },
          {
            "name": "58742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58742"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/docview.wss?uid=ssg1S1004670"
          },
          {
            "name": "RHSA-2014:0624",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0624.html"
          },
          {
            "name": "59602",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59602"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kerio.com/support/kerio-control/release-history"
          },
          {
            "name": "59300",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59300"
          },
          {
            "name": "58930",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58930"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677080"
          },
          {
            "name": "61815",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61815"
          },
          {
            "name": "58667",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58667"
          },
          {
            "name": "GLSA-201407-05",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677390"
          },
          {
            "name": "59191",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59191"
          },
          {
            "name": "59284",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59284"
          },
          {
            "name": "59444",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59444"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.imperialviolet.org/2014/06/05/earlyccs.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
          },
          {
            "name": "59365",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59365"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
          },
          {
            "name": "59305",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59305"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
          },
          {
            "name": "59483",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59483"
          },
          {
            "name": "58385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58385"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
          },
          {
            "name": "59495",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59495"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
          },
          {
            "name": "FEDORA-2014-9308",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html"
          },
          {
            "name": "58945",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58945"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
          },
          {
            "name": "HPSBST03106",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141025641601169\u0026w=2"
          },
          {
            "name": "59659",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59659"
          },
          {
            "name": "59440",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59440"
          },
          {
            "name": "openSUSE-SU-2016:0640",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
          },
          {
            "name": "59429",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59429"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
          },
          {
            "name": "59655",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59655"
          },
          {
            "name": "59370",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59370"
          },
          {
            "name": "59827",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59827"
          },
          {
            "name": "58660",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58660"
          },
          {
            "name": "59163",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59163"
          },
          {
            "name": "58716",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58716"
          },
          {
            "name": "59055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59055"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
          },
          {
            "name": "59437",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59437"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754"
          },
          {
            "name": "60176",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60176"
          },
          {
            "name": "HPSBPI03107",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141147110427269\u0026w=2"
          },
          {
            "name": "59101",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59101"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://esupport.trendmicro.com/solution/en-US/1103813.aspx"
          },
          {
            "name": "59374",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59374"
          },
          {
            "name": "59063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59063"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0006.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://discussions.nessus.org/thread/7517"
          },
          {
            "name": "59310",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59310"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
          },
          {
            "name": "HPSBMU03216",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676536"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
          },
          {
            "name": "IV61506",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61506"
          },
          {
            "name": "59502",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59502"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.splunk.com/view/SP-CAAAM2D"
          },
          {
            "name": "59878",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59878"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.fortiguard.com/advisory/FG-IR-14-018/"
          },
          {
            "name": "SUSE-SU-2015:0743",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
          },
          {
            "name": "HPSBMU03101",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140852826008699\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
          },
          {
            "name": "59214",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59214"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
          },
          {
            "name": "HPSBHF03088",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140794476212181\u0026w=2"
          },
          {
            "name": "HPSBMU03057",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.citrix.com/article/CTX140876"
          },
          {
            "name": "59167",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59167"
          },
          {
            "name": "59120",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59120"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037732"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020172"
          },
          {
            "name": "HPSBMU03053",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140369637402535\u0026w=2"
          },
          {
            "name": "59380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59380"
          },
          {
            "name": "MDVSA-2014:105",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105"
          },
          {
            "name": "59460",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59460"
          },
          {
            "name": "59506",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59506"
          },
          {
            "name": "58939",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58939"
          },
          {
            "name": "SSRT101590",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
          },
          {
            "name": "59661",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59661"
          },
          {
            "name": "59514",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59514"
          },
          {
            "name": "59677",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59677"
          },
          {
            "name": "RHSA-2014:0630",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0630.html"
          },
          {
            "name": "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29195"
          },
          {
            "name": "RHSA-2014:0632",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0632.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037730"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037731"
          },
          {
            "name": "58745",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58745"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
          },
          {
            "name": "59438",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59438"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=isg3T1020948"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676496"
          },
          {
            "name": "58714",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58714"
          },
          {
            "name": "HPSBGN03050",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
          },
          {
            "name": "openSUSE-SU-2015:0229",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://ccsinjection.lepidum.co.jp"
          },
          {
            "name": "59435",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59435"
          },
          {
            "name": "HPSBHF03052",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141658880509699\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openssl.org/news/secadv_20140605.txt"
          },
          {
            "name": "58615",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58615"
          },
          {
            "name": "HPSBST03265",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676644"
          },
          {
            "name": "59231",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59231"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/docview.wss?uid=ssg1S1004671"
          },
          {
            "name": "SUSE-SU-2015:0578",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6443"
          },
          {
            "name": "59211",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59211"
          },
          {
            "name": "58433",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58433"
          },
          {
            "name": "60066",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60066"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/site/blogs/766093/posts/908133"
          },
          {
            "name": "59301",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59301"
          },
          {
            "name": "60522",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60522"
          },
          {
            "name": "59784",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59784"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA80"
          },
          {
            "name": "HPSBST03097",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383410222440\u0026w=2"
          },
          {
            "name": "20140607 Re: More OpenSSL issues",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Jun/38"
          },
          {
            "name": "HPSBMU03076",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6"
          },
          {
            "name": "59135",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59135"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
          },
          {
            "name": "58759",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58759"
          },
          {
            "name": "59093",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59093"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095740"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://puppetlabs.com/security/cve/cve-2014-0224"
          },
          {
            "name": "59192",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59192"
          },
          {
            "name": "FEDORA-2014-9301",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html"
          },
          {
            "name": "HPSBMU03062",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
          },
          {
            "name": "58579",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58579"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_SNARE_for_MSSQL.pdf"
          },
          {
            "name": "59040",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59040"
          },
          {
            "name": "HPSBMU03056",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
          },
          {
            "name": "59175",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59175"
          },
          {
            "name": "60819",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60819"
          },
          {
            "name": "HPSBMU03051",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
          },
          {
            "name": "59666",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59666"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download"
          },
          {
            "name": "58128",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58128"
          },
          {
            "name": "HPSBMU03055",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
          },
          {
            "name": "59413",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59413"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676334"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037870"
          },
          {
            "name": "59721",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59721"
          },
          {
            "name": "HPSBHF03145",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756"
          },
          {
            "name": "RHSA-2014:0680",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0680.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
          },
          {
            "name": "59012",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59012"
          },
          {
            "name": "58713",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58713"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
          },
          {
            "name": "59362",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59362"
          },
          {
            "name": "MDVSA-2015:062",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
          },
          {
            "name": "HPSBMU03070",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140499864129699\u0026w=2"
          },
          {
            "name": "RHSA-2014:0631",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0631.html"
          },
          {
            "name": "59338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59338"
          },
          {
            "name": "59450",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59450"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-1053.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
          },
          {
            "name": "VU#978508",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/978508"
          },
          {
            "name": "1031032",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1031032"
          },
          {
            "name": "59287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59287"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
          },
          {
            "name": "59491",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59491"
          },
          {
            "name": "59364",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59364"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues"
          },
          {
            "name": "59451",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59451"
          },
          {
            "name": "58977",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58977"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.novell.com/support/kb/doc.php?id=7015271"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676333"
          },
          {
            "name": "60571",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60571"
          },
          {
            "name": "59459",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59459"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676833"
          },
          {
            "name": "60577",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60577"
          },
          {
            "name": "59448",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59448"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=bc8923b1ec9c467755cd86f7848c50ee8812e441"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_Snare_for_Windows.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.blackberry.com/btsc/KB36051"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
          },
          {
            "name": "HPSBST03103",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141164638606214\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004690"
          },
          {
            "name": "59885",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59885"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
          },
          {
            "name": "59202",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59202"
          },
          {
            "name": "RHSA-2014:0633",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0633.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004678"
          },
          {
            "name": "59375",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59375"
          },
          {
            "name": "HPSBMU03083",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140983229106599\u0026w=2"
          },
          {
            "name": "59528",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59528"
          },
          {
            "name": "58337",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58337"
          },
          {
            "name": "59518",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59518"
          },
          {
            "name": "59389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59389"
          },
          {
            "name": "59162",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59162"
          },
          {
            "name": "59383",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59383"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677567"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29217"
          },
          {
            "name": "59490",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59490"
          },
          {
            "name": "59916",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59916"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6060\u0026myns=phmc\u0026mync=E"
          },
          {
            "name": "HPSBMU03065",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037727"
          },
          {
            "name": "IT02314",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg1IT02314"
          },
          {
            "name": "59043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59043"
          },
          {
            "name": "59347",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59347"
          },
          {
            "name": "60049",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60049"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676615"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-06-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the \"CCS Injection\" vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-05T16:47:29",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "59342",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59342"
        },
        {
          "name": "59669",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59669"
        },
        {
          "name": "59525",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59525"
        },
        {
          "name": "HPSBMU03071",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140604261522465\u0026w=2"
        },
        {
          "name": "59004",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59004"
        },
        {
          "name": "59530",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59530"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675626"
        },
        {
          "name": "59824",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59824"
        },
        {
          "name": "59282",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59282"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015300"
        },
        {
          "name": "59215",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59215"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103586"
        },
        {
          "name": "59990",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59990"
        },
        {
          "name": "59264",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59264"
        },
        {
          "name": "59454",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59454"
        },
        {
          "name": "58492",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58492"
        },
        {
          "name": "59186",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59186"
        },
        {
          "name": "59188",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59188"
        },
        {
          "name": "59126",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59126"
        },
        {
          "name": "HPSBMU03078",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140672208601650\u0026w=2"
        },
        {
          "name": "HPSBMU03089",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140784085708882\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015264"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html"
        },
        {
          "name": "59306",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59306"
        },
        {
          "name": "RHSA-2014:0627",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0627.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
        },
        {
          "name": "HPSBGN03068",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140544599631400\u0026w=2"
        },
        {
          "name": "RHSA-2014:0626",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0626.html"
        },
        {
          "name": "59190",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59190"
        },
        {
          "name": "58639",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58639"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21676877"
        },
        {
          "name": "59446",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59446"
        },
        {
          "name": "59529",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59529"
        },
        {
          "name": "59445",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59445"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
        },
        {
          "name": "59589",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59589"
        },
        {
          "name": "59894",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59894"
        },
        {
          "name": "59325",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59325"
        },
        {
          "name": "59354",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59354"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037729"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677131"
        },
        {
          "name": "HPSBUX03046",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
        },
        {
          "name": "61254",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61254"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678233"
        },
        {
          "name": "59447",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59447"
        },
        {
          "name": "1031594",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1031594"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6061\u0026myns=phmc\u0026mync=E"
        },
        {
          "name": "59223",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59223"
        },
        {
          "name": "58743",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58743"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
        },
        {
          "name": "58719",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58719"
        },
        {
          "name": "59449",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59449"
        },
        {
          "name": "59132",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59132"
        },
        {
          "name": "SSRT101818",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
        },
        {
          "name": "HPSBST03098",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140870499402361\u0026w=2"
        },
        {
          "name": "HPSBMU03058",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140386311427810\u0026w=2"
        },
        {
          "name": "59442",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59442"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
        },
        {
          "name": "HPSBOV03047",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
        },
        {
          "name": "HPSBST03195",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037761"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
        },
        {
          "name": "59441",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59441"
        },
        {
          "name": "HPSBMU03074",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf"
        },
        {
          "name": "HPSBMU03094",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140852757108392\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://filezilla-project.org/versions.php?type=server"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676786"
        },
        {
          "name": "60567",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60567"
        },
        {
          "name": "59189",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59189"
        },
        {
          "name": "59368",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59368"
        },
        {
          "name": "MDVSA-2014:106",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106"
        },
        {
          "name": "59142",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59142"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676478"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676845"
        },
        {
          "name": "58742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58742"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.ibm.com/support/docview.wss?uid=ssg1S1004670"
        },
        {
          "name": "RHSA-2014:0624",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0624.html"
        },
        {
          "name": "59602",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59602"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kerio.com/support/kerio-control/release-history"
        },
        {
          "name": "59300",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59300"
        },
        {
          "name": "58930",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58930"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677080"
        },
        {
          "name": "61815",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61815"
        },
        {
          "name": "58667",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58667"
        },
        {
          "name": "GLSA-201407-05",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677390"
        },
        {
          "name": "59191",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59191"
        },
        {
          "name": "59284",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59284"
        },
        {
          "name": "59444",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59444"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.imperialviolet.org/2014/06/05/earlyccs.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
        },
        {
          "name": "59365",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59365"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
        },
        {
          "name": "59305",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59305"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
        },
        {
          "name": "59483",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59483"
        },
        {
          "name": "58385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58385"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
        },
        {
          "name": "59495",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59495"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
        },
        {
          "name": "FEDORA-2014-9308",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html"
        },
        {
          "name": "58945",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58945"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
        },
        {
          "name": "HPSBST03106",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141025641601169\u0026w=2"
        },
        {
          "name": "59659",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59659"
        },
        {
          "name": "59440",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59440"
        },
        {
          "name": "openSUSE-SU-2016:0640",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
        },
        {
          "name": "59429",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59429"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
        },
        {
          "name": "59655",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59655"
        },
        {
          "name": "59370",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59370"
        },
        {
          "name": "59827",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59827"
        },
        {
          "name": "58660",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58660"
        },
        {
          "name": "59163",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59163"
        },
        {
          "name": "58716",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58716"
        },
        {
          "name": "59055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59055"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
        },
        {
          "name": "59437",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59437"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754"
        },
        {
          "name": "60176",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60176"
        },
        {
          "name": "HPSBPI03107",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141147110427269\u0026w=2"
        },
        {
          "name": "59101",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59101"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://esupport.trendmicro.com/solution/en-US/1103813.aspx"
        },
        {
          "name": "59374",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59374"
        },
        {
          "name": "59063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59063"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0006.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://discussions.nessus.org/thread/7517"
        },
        {
          "name": "59310",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59310"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
        },
        {
          "name": "HPSBMU03216",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676536"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
        },
        {
          "name": "IV61506",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61506"
        },
        {
          "name": "59502",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59502"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.splunk.com/view/SP-CAAAM2D"
        },
        {
          "name": "59878",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59878"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.fortiguard.com/advisory/FG-IR-14-018/"
        },
        {
          "name": "SUSE-SU-2015:0743",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
        },
        {
          "name": "HPSBMU03101",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140852826008699\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
        },
        {
          "name": "59214",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59214"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
        },
        {
          "name": "HPSBHF03088",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140794476212181\u0026w=2"
        },
        {
          "name": "HPSBMU03057",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.citrix.com/article/CTX140876"
        },
        {
          "name": "59167",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59167"
        },
        {
          "name": "59120",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59120"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037732"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020172"
        },
        {
          "name": "HPSBMU03053",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140369637402535\u0026w=2"
        },
        {
          "name": "59380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59380"
        },
        {
          "name": "MDVSA-2014:105",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105"
        },
        {
          "name": "59460",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59460"
        },
        {
          "name": "59506",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59506"
        },
        {
          "name": "58939",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58939"
        },
        {
          "name": "SSRT101590",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
        },
        {
          "name": "59661",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59661"
        },
        {
          "name": "59514",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59514"
        },
        {
          "name": "59677",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59677"
        },
        {
          "name": "RHSA-2014:0630",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0630.html"
        },
        {
          "name": "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29195"
        },
        {
          "name": "RHSA-2014:0632",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0632.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037730"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037731"
        },
        {
          "name": "58745",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58745"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
        },
        {
          "name": "59438",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59438"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=isg3T1020948"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676496"
        },
        {
          "name": "58714",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58714"
        },
        {
          "name": "HPSBGN03050",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
        },
        {
          "name": "openSUSE-SU-2015:0229",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://ccsinjection.lepidum.co.jp"
        },
        {
          "name": "59435",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59435"
        },
        {
          "name": "HPSBHF03052",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141658880509699\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openssl.org/news/secadv_20140605.txt"
        },
        {
          "name": "58615",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58615"
        },
        {
          "name": "HPSBST03265",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676644"
        },
        {
          "name": "59231",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59231"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.ibm.com/support/docview.wss?uid=ssg1S1004671"
        },
        {
          "name": "SUSE-SU-2015:0578",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6443"
        },
        {
          "name": "59211",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59211"
        },
        {
          "name": "58433",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58433"
        },
        {
          "name": "60066",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60066"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/site/blogs/766093/posts/908133"
        },
        {
          "name": "59301",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59301"
        },
        {
          "name": "60522",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60522"
        },
        {
          "name": "59784",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59784"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA80"
        },
        {
          "name": "HPSBST03097",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383410222440\u0026w=2"
        },
        {
          "name": "20140607 Re: More OpenSSL issues",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Jun/38"
        },
        {
          "name": "HPSBMU03076",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6"
        },
        {
          "name": "59135",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59135"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
        },
        {
          "name": "58759",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58759"
        },
        {
          "name": "59093",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59093"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095740"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://puppetlabs.com/security/cve/cve-2014-0224"
        },
        {
          "name": "59192",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59192"
        },
        {
          "name": "FEDORA-2014-9301",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html"
        },
        {
          "name": "HPSBMU03062",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
        },
        {
          "name": "58579",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58579"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_SNARE_for_MSSQL.pdf"
        },
        {
          "name": "59040",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59040"
        },
        {
          "name": "HPSBMU03056",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
        },
        {
          "name": "59175",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59175"
        },
        {
          "name": "60819",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60819"
        },
        {
          "name": "HPSBMU03051",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
        },
        {
          "name": "59666",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59666"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download"
        },
        {
          "name": "58128",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58128"
        },
        {
          "name": "HPSBMU03055",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
        },
        {
          "name": "59413",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59413"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676334"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037870"
        },
        {
          "name": "59721",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59721"
        },
        {
          "name": "HPSBHF03145",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756"
        },
        {
          "name": "RHSA-2014:0680",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0680.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
        },
        {
          "name": "59012",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59012"
        },
        {
          "name": "58713",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58713"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
        },
        {
          "name": "59362",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59362"
        },
        {
          "name": "MDVSA-2015:062",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
        },
        {
          "name": "HPSBMU03070",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140499864129699\u0026w=2"
        },
        {
          "name": "RHSA-2014:0631",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0631.html"
        },
        {
          "name": "59338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59338"
        },
        {
          "name": "59450",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59450"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-1053.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
        },
        {
          "name": "VU#978508",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/978508"
        },
        {
          "name": "1031032",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1031032"
        },
        {
          "name": "59287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59287"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
        },
        {
          "name": "59491",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59491"
        },
        {
          "name": "59364",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59364"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues"
        },
        {
          "name": "59451",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59451"
        },
        {
          "name": "58977",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58977"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.novell.com/support/kb/doc.php?id=7015271"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676333"
        },
        {
          "name": "60571",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60571"
        },
        {
          "name": "59459",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59459"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676833"
        },
        {
          "name": "60577",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60577"
        },
        {
          "name": "59448",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59448"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=bc8923b1ec9c467755cd86f7848c50ee8812e441"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_Snare_for_Windows.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.blackberry.com/btsc/KB36051"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
        },
        {
          "name": "HPSBST03103",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141164638606214\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004690"
        },
        {
          "name": "59885",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59885"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
        },
        {
          "name": "59202",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59202"
        },
        {
          "name": "RHSA-2014:0633",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0633.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004678"
        },
        {
          "name": "59375",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59375"
        },
        {
          "name": "HPSBMU03083",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140983229106599\u0026w=2"
        },
        {
          "name": "59528",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59528"
        },
        {
          "name": "58337",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58337"
        },
        {
          "name": "59518",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59518"
        },
        {
          "name": "59389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59389"
        },
        {
          "name": "59162",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59162"
        },
        {
          "name": "59383",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59383"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677567"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29217"
        },
        {
          "name": "59490",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59490"
        },
        {
          "name": "59916",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59916"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6060\u0026myns=phmc\u0026mync=E"
        },
        {
          "name": "HPSBMU03065",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037727"
        },
        {
          "name": "IT02314",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg1IT02314"
        },
        {
          "name": "59043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59043"
        },
        {
          "name": "59347",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59347"
        },
        {
          "name": "60049",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60049"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676615"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2014-0224",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the \"CCS Injection\" vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "59342",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59342"
            },
            {
              "name": "59669",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59669"
            },
            {
              "name": "59525",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59525"
            },
            {
              "name": "HPSBMU03071",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140604261522465\u0026w=2"
            },
            {
              "name": "59004",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59004"
            },
            {
              "name": "59530",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59530"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21675626",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675626"
            },
            {
              "name": "59824",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59824"
            },
            {
              "name": "59282",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59282"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015300",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015300"
            },
            {
              "name": "59215",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59215"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1103586",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103586"
            },
            {
              "name": "59990",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59990"
            },
            {
              "name": "59264",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59264"
            },
            {
              "name": "59454",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59454"
            },
            {
              "name": "58492",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58492"
            },
            {
              "name": "59186",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59186"
            },
            {
              "name": "59188",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59188"
            },
            {
              "name": "59126",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59126"
            },
            {
              "name": "HPSBMU03078",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140672208601650\u0026w=2"
            },
            {
              "name": "HPSBMU03089",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140784085708882\u0026w=2"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015264",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015264"
            },
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html"
            },
            {
              "name": "59306",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59306"
            },
            {
              "name": "RHSA-2014:0627",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0627.html"
            },
            {
              "name": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
              "refsource": "CONFIRM",
              "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
            },
            {
              "name": "HPSBGN03068",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140544599631400\u0026w=2"
            },
            {
              "name": "RHSA-2014:0626",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0626.html"
            },
            {
              "name": "59190",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59190"
            },
            {
              "name": "58639",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58639"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21676877",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21676877"
            },
            {
              "name": "59446",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59446"
            },
            {
              "name": "59529",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59529"
            },
            {
              "name": "59445",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59445"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
            },
            {
              "name": "59589",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59589"
            },
            {
              "name": "59894",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59894"
            },
            {
              "name": "59325",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59325"
            },
            {
              "name": "59354",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59354"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24037729",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037729"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677131",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677131"
            },
            {
              "name": "HPSBUX03046",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
            },
            {
              "name": "61254",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61254"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678233",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678233"
            },
            {
              "name": "59447",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59447"
            },
            {
              "name": "1031594",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1031594"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
            },
            {
              "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6061\u0026myns=phmc\u0026mync=E",
              "refsource": "CONFIRM",
              "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6061\u0026myns=phmc\u0026mync=E"
            },
            {
              "name": "59223",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59223"
            },
            {
              "name": "58743",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58743"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
            },
            {
              "name": "58719",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58719"
            },
            {
              "name": "59449",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59449"
            },
            {
              "name": "59132",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59132"
            },
            {
              "name": "SSRT101818",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
            },
            {
              "name": "HPSBST03098",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140870499402361\u0026w=2"
            },
            {
              "name": "HPSBMU03058",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140386311427810\u0026w=2"
            },
            {
              "name": "59442",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59442"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
            },
            {
              "name": "HPSBOV03047",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
            },
            {
              "name": "HPSBST03195",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24037761",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037761"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
            },
            {
              "name": "59441",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59441"
            },
            {
              "name": "HPSBMU03074",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
            },
            {
              "name": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf",
              "refsource": "CONFIRM",
              "url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf"
            },
            {
              "name": "HPSBMU03094",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140852757108392\u0026w=2"
            },
            {
              "name": "https://filezilla-project.org/versions.php?type=server",
              "refsource": "CONFIRM",
              "url": "https://filezilla-project.org/versions.php?type=server"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676786",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676786"
            },
            {
              "name": "60567",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60567"
            },
            {
              "name": "59189",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59189"
            },
            {
              "name": "59368",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59368"
            },
            {
              "name": "MDVSA-2014:106",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106"
            },
            {
              "name": "59142",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59142"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676478",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676478"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676845",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676845"
            },
            {
              "name": "58742",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58742"
            },
            {
              "name": "https://www.ibm.com/support/docview.wss?uid=ssg1S1004670",
              "refsource": "CONFIRM",
              "url": "https://www.ibm.com/support/docview.wss?uid=ssg1S1004670"
            },
            {
              "name": "RHSA-2014:0624",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0624.html"
            },
            {
              "name": "59602",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59602"
            },
            {
              "name": "http://www.kerio.com/support/kerio-control/release-history",
              "refsource": "CONFIRM",
              "url": "http://www.kerio.com/support/kerio-control/release-history"
            },
            {
              "name": "59300",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59300"
            },
            {
              "name": "58930",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58930"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677080",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677080"
            },
            {
              "name": "61815",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61815"
            },
            {
              "name": "58667",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58667"
            },
            {
              "name": "GLSA-201407-05",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677390",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677390"
            },
            {
              "name": "59191",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59191"
            },
            {
              "name": "59284",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59284"
            },
            {
              "name": "59444",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59444"
            },
            {
              "name": "https://www.imperialviolet.org/2014/06/05/earlyccs.html",
              "refsource": "MISC",
              "url": "https://www.imperialviolet.org/2014/06/05/earlyccs.html"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg24037783",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
            },
            {
              "name": "59365",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59365"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
            },
            {
              "name": "59305",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59305"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
            },
            {
              "name": "59483",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59483"
            },
            {
              "name": "58385",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58385"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
            },
            {
              "name": "59495",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59495"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
            },
            {
              "name": "FEDORA-2014-9308",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html"
            },
            {
              "name": "58945",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58945"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
            },
            {
              "name": "HPSBST03106",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141025641601169\u0026w=2"
            },
            {
              "name": "59659",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59659"
            },
            {
              "name": "59440",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59440"
            },
            {
              "name": "openSUSE-SU-2016:0640",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
            },
            {
              "name": "59429",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59429"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
            },
            {
              "name": "59655",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59655"
            },
            {
              "name": "59370",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59370"
            },
            {
              "name": "59827",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59827"
            },
            {
              "name": "58660",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58660"
            },
            {
              "name": "59163",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59163"
            },
            {
              "name": "58716",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58716"
            },
            {
              "name": "59055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59055"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
            },
            {
              "name": "59437",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59437"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754"
            },
            {
              "name": "60176",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60176"
            },
            {
              "name": "HPSBPI03107",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141147110427269\u0026w=2"
            },
            {
              "name": "59101",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59101"
            },
            {
              "name": "http://esupport.trendmicro.com/solution/en-US/1103813.aspx",
              "refsource": "CONFIRM",
              "url": "http://esupport.trendmicro.com/solution/en-US/1103813.aspx"
            },
            {
              "name": "59374",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59374"
            },
            {
              "name": "59063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59063"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0006.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0006.html"
            },
            {
              "name": "https://discussions.nessus.org/thread/7517",
              "refsource": "CONFIRM",
              "url": "https://discussions.nessus.org/thread/7517"
            },
            {
              "name": "59310",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59310"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
            },
            {
              "name": "HPSBMU03216",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676536",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676536"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
            },
            {
              "name": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc",
              "refsource": "CONFIRM",
              "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
            },
            {
              "name": "IV61506",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61506"
            },
            {
              "name": "59502",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59502"
            },
            {
              "name": "http://www.splunk.com/view/SP-CAAAM2D",
              "refsource": "CONFIRM",
              "url": "http://www.splunk.com/view/SP-CAAAM2D"
            },
            {
              "name": "59878",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59878"
            },
            {
              "name": "http://www.fortiguard.com/advisory/FG-IR-14-018/",
              "refsource": "CONFIRM",
              "url": "http://www.fortiguard.com/advisory/FG-IR-14-018/"
            },
            {
              "name": "SUSE-SU-2015:0743",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
            },
            {
              "name": "HPSBMU03101",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140852826008699\u0026w=2"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21676793",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
            },
            {
              "name": "59214",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59214"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21676356",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
            },
            {
              "name": "HPSBHF03088",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140794476212181\u0026w=2"
            },
            {
              "name": "HPSBMU03057",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
            },
            {
              "name": "http://support.citrix.com/article/CTX140876",
              "refsource": "CONFIRM",
              "url": "http://support.citrix.com/article/CTX140876"
            },
            {
              "name": "59167",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59167"
            },
            {
              "name": "59120",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59120"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24037732",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037732"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020172",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020172"
            },
            {
              "name": "HPSBMU03053",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140369637402535\u0026w=2"
            },
            {
              "name": "59380",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59380"
            },
            {
              "name": "MDVSA-2014:105",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105"
            },
            {
              "name": "59460",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59460"
            },
            {
              "name": "59506",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59506"
            },
            {
              "name": "58939",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58939"
            },
            {
              "name": "SSRT101590",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
            },
            {
              "name": "59661",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59661"
            },
            {
              "name": "59514",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59514"
            },
            {
              "name": "59677",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59677"
            },
            {
              "name": "RHSA-2014:0630",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0630.html"
            },
            {
              "name": "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29195",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29195"
            },
            {
              "name": "RHSA-2014:0632",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0632.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24037730",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037730"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24037731",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037731"
            },
            {
              "name": "58745",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58745"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
            },
            {
              "name": "59438",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59438"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=isg3T1020948",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=isg3T1020948"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676496",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676496"
            },
            {
              "name": "58714",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58714"
            },
            {
              "name": "HPSBGN03050",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2015:0229",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html"
            },
            {
              "name": "http://ccsinjection.lepidum.co.jp",
              "refsource": "MISC",
              "url": "http://ccsinjection.lepidum.co.jp"
            },
            {
              "name": "59435",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59435"
            },
            {
              "name": "HPSBHF03052",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141658880509699\u0026w=2"
            },
            {
              "name": "http://www.openssl.org/news/secadv_20140605.txt",
              "refsource": "CONFIRM",
              "url": "http://www.openssl.org/news/secadv_20140605.txt"
            },
            {
              "name": "58615",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58615"
            },
            {
              "name": "HPSBST03265",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676644",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676644"
            },
            {
              "name": "59231",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59231"
            },
            {
              "name": "https://www.ibm.com/support/docview.wss?uid=ssg1S1004671",
              "refsource": "CONFIRM",
              "url": "https://www.ibm.com/support/docview.wss?uid=ssg1S1004671"
            },
            {
              "name": "SUSE-SU-2015:0578",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
            },
            {
              "name": "http://support.apple.com/kb/HT6443",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6443"
            },
            {
              "name": "59211",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59211"
            },
            {
              "name": "58433",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58433"
            },
            {
              "name": "60066",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60066"
            },
            {
              "name": "http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html"
            },
            {
              "name": "https://access.redhat.com/site/blogs/766093/posts/908133",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/site/blogs/766093/posts/908133"
            },
            {
              "name": "59301",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59301"
            },
            {
              "name": "60522",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60522"
            },
            {
              "name": "59784",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59784"
            },
            {
              "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA80",
              "refsource": "CONFIRM",
              "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA80"
            },
            {
              "name": "HPSBST03097",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383410222440\u0026w=2"
            },
            {
              "name": "20140607 Re: More OpenSSL issues",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Jun/38"
            },
            {
              "name": "HPSBMU03076",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
            },
            {
              "name": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6",
              "refsource": "CONFIRM",
              "url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6"
            },
            {
              "name": "59135",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59135"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
            },
            {
              "name": "58759",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58759"
            },
            {
              "name": "59093",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59093"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095740",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095740"
            },
            {
              "name": "http://puppetlabs.com/security/cve/cve-2014-0224",
              "refsource": "CONFIRM",
              "url": "http://puppetlabs.com/security/cve/cve-2014-0224"
            },
            {
              "name": "59192",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59192"
            },
            {
              "name": "FEDORA-2014-9301",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html"
            },
            {
              "name": "HPSBMU03062",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
            },
            {
              "name": "58579",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58579"
            },
            {
              "name": "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_SNARE_for_MSSQL.pdf",
              "refsource": "CONFIRM",
              "url": "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_SNARE_for_MSSQL.pdf"
            },
            {
              "name": "59040",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59040"
            },
            {
              "name": "HPSBMU03056",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
            },
            {
              "name": "59175",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59175"
            },
            {
              "name": "60819",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60819"
            },
            {
              "name": "HPSBMU03051",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
            },
            {
              "name": "59666",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59666"
            },
            {
              "name": "http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download",
              "refsource": "CONFIRM",
              "url": "http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download"
            },
            {
              "name": "58128",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58128"
            },
            {
              "name": "HPSBMU03055",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
            },
            {
              "name": "59413",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59413"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676334",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676334"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24037870",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037870"
            },
            {
              "name": "59721",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59721"
            },
            {
              "name": "HPSBHF03145",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756"
            },
            {
              "name": "RHSA-2014:0680",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0680.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
            },
            {
              "name": "59012",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59012"
            },
            {
              "name": "58713",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58713"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
            },
            {
              "name": "59362",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59362"
            },
            {
              "name": "MDVSA-2015:062",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
            },
            {
              "name": "HPSBMU03070",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140499864129699\u0026w=2"
            },
            {
              "name": "RHSA-2014:0631",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0631.html"
            },
            {
              "name": "59338",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59338"
            },
            {
              "name": "59450",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59450"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-1053.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-1053.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
            },
            {
              "name": "VU#978508",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/978508"
            },
            {
              "name": "1031032",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1031032"
            },
            {
              "name": "59287",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59287"
            },
            {
              "name": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1",
              "refsource": "CONFIRM",
              "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
            },
            {
              "name": "59491",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59491"
            },
            {
              "name": "59364",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59364"
            },
            {
              "name": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues",
              "refsource": "CONFIRM",
              "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues"
            },
            {
              "name": "59451",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59451"
            },
            {
              "name": "58977",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58977"
            },
            {
              "name": "https://www.novell.com/support/kb/doc.php?id=7015271",
              "refsource": "CONFIRM",
              "url": "https://www.novell.com/support/kb/doc.php?id=7015271"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676333",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676333"
            },
            {
              "name": "60571",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60571"
            },
            {
              "name": "59459",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59459"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676833",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676833"
            },
            {
              "name": "60577",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60577"
            },
            {
              "name": "59448",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59448"
            },
            {
              "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=bc8923b1ec9c467755cd86f7848c50ee8812e441",
              "refsource": "CONFIRM",
              "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=bc8923b1ec9c467755cd86f7848c50ee8812e441"
            },
            {
              "name": "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_Snare_for_Windows.pdf",
              "refsource": "CONFIRM",
              "url": "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_Snare_for_Windows.pdf"
            },
            {
              "name": "http://www.blackberry.com/btsc/KB36051",
              "refsource": "CONFIRM",
              "url": "http://www.blackberry.com/btsc/KB36051"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755"
            },
            {
              "name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
            },
            {
              "name": "HPSBST03103",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141164638606214\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004690",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004690"
            },
            {
              "name": "59885",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59885"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
            },
            {
              "name": "59202",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59202"
            },
            {
              "name": "RHSA-2014:0633",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0633.html"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004678",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004678"
            },
            {
              "name": "59375",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59375"
            },
            {
              "name": "HPSBMU03083",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140983229106599\u0026w=2"
            },
            {
              "name": "59528",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59528"
            },
            {
              "name": "58337",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58337"
            },
            {
              "name": "59518",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59518"
            },
            {
              "name": "59389",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59389"
            },
            {
              "name": "59162",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59162"
            },
            {
              "name": "59383",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59383"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677567",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677567"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29217",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29217"
            },
            {
              "name": "59490",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59490"
            },
            {
              "name": "59916",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59916"
            },
            {
              "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6060\u0026myns=phmc\u0026mync=E",
              "refsource": "CONFIRM",
              "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=6060\u0026myns=phmc\u0026mync=E"
            },
            {
              "name": "HPSBMU03065",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24037727",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037727"
            },
            {
              "name": "IT02314",
              "refsource": "AIXAPAR",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg1IT02314"
            },
            {
              "name": "59043",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59043"
            },
            {
              "name": "59347",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59347"
            },
            {
              "name": "60049",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60049"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676615",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676615"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf"
            },
            {
              "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005",
              "refsource": "MISC",
              "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-0224",
    "datePublished": "2014-06-05T21:00:00",
    "dateReserved": "2013-12-03T00:00:00",
    "dateUpdated": "2024-08-06T09:05:39.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0426 (GCVE-0-2010-0426)

Vulnerability from cvelistv5

Published

2010-02-24 18:00

Modified

2024-08-07 00:45

Severity ?

CWE

n/a

Summary

sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory.

References

URL

Tags

	http://secunia.com/advisories/38803	third-party-advisory, x_refsource_SECUNIA
	ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz	x_refsource_CONFIRM
	http://sudo.ws/repos/sudo/rev/88f3181692fe	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238	vdb-entry, signature, x_refsource_OVAL
	http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml	vendor-advisory, x_refsource_GENTOO
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:049	vendor-advisory, x_refsource_MANDRIVA
	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/38762	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2010/dsa-2006	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/39399	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/38362	vdb-entry, x_refsource_BID
	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html	vendor-advisory, x_refsource_FEDORA
	http://www.securityfocus.com/archive/1/514489/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.ubuntu.com/usn/USN-905-1	vendor-advisory, x_refsource_UBUNTU
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814	vdb-entry, signature, x_refsource_OVAL
	http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html	vendor-advisory, x_refsource_SUSE
	http://www.vupen.com/english/advisories/2010/0949	vdb-entry, x_refsource_VUPEN
	http://sudo.ws/bugs/show_bug.cgi?id=389	x_refsource_CONFIRM
	http://wiki.rpath.com/Advisories:rPSA-2010-0075	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/0450	vdb-entry, x_refsource_VUPEN
	http://www.sudo.ws/sudo/stable.html	x_refsource_CONFIRM
	http://secunia.com/advisories/38659	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/38795	third-party-advisory, x_refsource_SECUNIA
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737	x_refsource_MISC
	http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/	x_refsource_MISC
	http://secunia.com/advisories/38915	third-party-advisory, x_refsource_SECUNIA
	http://sudo.ws/repos/sudo/rev/f86e1b56d074	x_refsource_CONFIRM
	http://securitytracker.com/id?1023658	vdb-entry, x_refsource_SECTRACK
	http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.577019	vendor-advisory, x_refsource_SLACKWARE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:45:12.329Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "38803",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38803"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sudo.ws/repos/sudo/rev/88f3181692fe"
          },
          {
            "name": "oval:org.mitre.oval:def:7238",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238"
          },
          {
            "name": "GLSA-201003-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml"
          },
          {
            "name": "MDVSA-2010:049",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:049"
          },
          {
            "name": "FEDORA-2010-6701",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html"
          },
          {
            "name": "38762",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38762"
          },
          {
            "name": "DSA-2006",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2006"
          },
          {
            "name": "39399",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39399"
          },
          {
            "name": "38362",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38362"
          },
          {
            "name": "FEDORA-2010-6749",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html"
          },
          {
            "name": "20101027 rPSA-2010-0075-1 sudo",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
          },
          {
            "name": "USN-905-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-905-1"
          },
          {
            "name": "oval:org.mitre.oval:def:10814",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814"
          },
          {
            "name": "SUSE-SR:2010:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
          },
          {
            "name": "ADV-2010-0949",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0949"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sudo.ws/bugs/show_bug.cgi?id=389"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
          },
          {
            "name": "ADV-2010-0450",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0450"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/sudo/stable.html"
          },
          {
            "name": "38659",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38659"
          },
          {
            "name": "38795",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38795"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/"
          },
          {
            "name": "38915",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38915"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sudo.ws/repos/sudo/rev/f86e1b56d074"
          },
          {
            "name": "1023658",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023658"
          },
          {
            "name": "SSA:2010-110-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.577019"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user\u0027s home directory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "38803",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38803"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sudo.ws/repos/sudo/rev/88f3181692fe"
        },
        {
          "name": "oval:org.mitre.oval:def:7238",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238"
        },
        {
          "name": "GLSA-201003-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml"
        },
        {
          "name": "MDVSA-2010:049",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:049"
        },
        {
          "name": "FEDORA-2010-6701",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html"
        },
        {
          "name": "38762",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38762"
        },
        {
          "name": "DSA-2006",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2006"
        },
        {
          "name": "39399",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39399"
        },
        {
          "name": "38362",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38362"
        },
        {
          "name": "FEDORA-2010-6749",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html"
        },
        {
          "name": "20101027 rPSA-2010-0075-1 sudo",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
        },
        {
          "name": "USN-905-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-905-1"
        },
        {
          "name": "oval:org.mitre.oval:def:10814",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814"
        },
        {
          "name": "SUSE-SR:2010:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
        },
        {
          "name": "ADV-2010-0949",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0949"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sudo.ws/bugs/show_bug.cgi?id=389"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
        },
        {
          "name": "ADV-2010-0450",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0450"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/sudo/stable.html"
        },
        {
          "name": "38659",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38659"
        },
        {
          "name": "38795",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38795"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/"
        },
        {
          "name": "38915",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38915"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sudo.ws/repos/sudo/rev/f86e1b56d074"
        },
        {
          "name": "1023658",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023658"
        },
        {
          "name": "SSA:2010-110-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.577019"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-0426",
    "datePublished": "2010-02-24T18:00:00",
    "dateReserved": "2010-01-27T00:00:00",
    "dateUpdated": "2024-08-07T00:45:12.329Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-7186 (GCVE-0-2014-7186)

Vulnerability from cvelistv5

Published

2014-09-28 19:00

Modified

2024-08-06 12:40

Severity ?

CWE

n/a

Summary

The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted use of here documents, aka the "redir_stack" issue.

References

URL

Tags

	http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html	x_refsource_MISC
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21685749	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141577137423233&w=2	vendor-advisory, x_refsource_HP
	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383138121313&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://www.securityfocus.com/archive/1/533593/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=swg21686084	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686479	x_refsource_CONFIRM
	http://secunia.com/advisories/61188	third-party-advisory, x_refsource_SECUNIA
	http://jvn.jp/en/jp/JVN55667175/index.html	third-party-advisory, x_refsource_JVN
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/60433	third-party-advisory, x_refsource_SECUNIA
	http://openwall.com/lists/oss-security/2014/09/25/32	mailing-list, x_refsource_MLIST
	http://marc.info/?l=bugtraq&m=141383026420882&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141585637922673&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141576728022234&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21685541	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61636	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61816	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61442	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142358078406056&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61283	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142113462216480&w=2	vendor-advisory, x_refsource_HP
	http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html	vendor-advisory, x_refsource_APPLE
	https://kc.mcafee.com/corporate/index?page=content&id=SB10085	x_refsource_CONFIRM
	http://secunia.com/advisories/61654	third-party-advisory, x_refsource_SECUNIA
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315	x_refsource_CONFIRM
	http://secunia.com/advisories/62312	third-party-advisory, x_refsource_SECUNIA
	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-1312.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21685604	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61703	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2364-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/61065	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383196021590&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141383081521087&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21686445	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686131	x_refsource_CONFIRM
	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126	third-party-advisory, x_refsource_JVNDB
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61641	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html	vendor-advisory, x_refsource_SUSE
	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21685914	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2014/Oct/0	mailing-list, x_refsource_FULLDISC
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:164	vendor-advisory, x_refsource_MANDRIVA
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075	x_refsource_CONFIRM
	https://support.apple.com/HT205267	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60024	third-party-advisory, x_refsource_SECUNIA
	http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html	x_refsource_MISC
	http://secunia.com/advisories/61622	third-party-advisory, x_refsource_SECUNIA
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash	vendor-advisory, x_refsource_CISCO
	http://support.novell.com/security/cve/CVE-2014-7186.html	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2014/09/28/10	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/62343	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61565	third-party-advisory, x_refsource_SECUNIA
	https://www.suse.com/support/shellshock/	x_refsource_CONFIRM
	http://support.apple.com/HT204244	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141450491804793&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61313	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142289270617409&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61873	third-party-advisory, x_refsource_SECUNIA
	http://openwall.com/lists/oss-security/2014/09/26/2	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/61485	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61618	third-party-advisory, x_refsource_SECUNIA
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141577297623641&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383244821813&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61312	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60193	third-party-advisory, x_refsource_SECUNIA
	http://www.vmware.com/security/advisories/VMSA-2014-0010.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61479	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60063	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60034	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59907	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58200	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141577241923505&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61643	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/support/kb/doc.php?id=7015721	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21687079	x_refsource_CONFIRM
	http://secunia.com/advisories/61503	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21686246	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-1354.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=142289270617409&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915	x_refsource_CONFIRM
	http://www.qnap.com/i/en/support/con_show.php?cid=61	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141694386919794&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61552	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61780	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279	x_refsource_CONFIRM
	https://support.citrix.com/article/CTX200223	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686447	x_refsource_CONFIRM
	http://secunia.com/advisories/62228	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141330468527613&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60044	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61291	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141345648114150&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61287	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61711	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142113462216480&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://marc.info/?l=bugtraq&m=141383304022067&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-1311.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/61128	third-party-advisory, x_refsource_SECUNIA
	https://support.citrix.com/article/CTX200217	x_refsource_CONFIRM
	http://secunia.com/advisories/61471	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60055	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61550	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61633	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21686494	x_refsource_CONFIRM
	https://kb.bluecoat.com/index?page=content&id=SA82	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61328	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21685733	x_refsource_CONFIRM
	http://secunia.com/advisories/61129	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61603	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:40:19.198Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
          },
          {
            "name": "HPSBMU03165",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
          },
          {
            "name": "HPSBST03131",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
          },
          {
            "name": "SSRT101819",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
          },
          {
            "name": "HPSBMU03245",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "openSUSE-SU-2014:1229",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
          },
          {
            "name": "61188",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61188"
          },
          {
            "name": "JVN#55667175",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
          },
          {
            "name": "openSUSE-SU-2014:1254",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
          },
          {
            "name": "60433",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60433"
          },
          {
            "name": "[oss-security] 20140925 Fwd: Non-upstream patches for bash",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2014/09/25/32"
          },
          {
            "name": "HPSBMU03143",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
          },
          {
            "name": "HPSBMU03182",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
          },
          {
            "name": "HPSBST03155",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
          },
          {
            "name": "61636",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61636"
          },
          {
            "name": "61816",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61816"
          },
          {
            "name": "61442",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61442"
          },
          {
            "name": "HPSBMU03246",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
          },
          {
            "name": "61283",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61283"
          },
          {
            "name": "SSRT101711",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
          },
          {
            "name": "APPLE-SA-2015-09-30-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
          },
          {
            "name": "61654",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61654"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
          },
          {
            "name": "62312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62312"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
          },
          {
            "name": "HPSBMU03217",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "RHSA-2014:1312",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
          },
          {
            "name": "SSRT101868",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61703",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61703"
          },
          {
            "name": "USN-2364-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2364-1"
          },
          {
            "name": "61065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61065"
          },
          {
            "name": "HPSBST03129",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
          },
          {
            "name": "HPSBMU03144",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
          },
          {
            "name": "JVNDB-2014-000126",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
          },
          {
            "name": "SSRT101827",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "61641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61641"
          },
          {
            "name": "SUSE-SU-2014:1247",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
          },
          {
            "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
          },
          {
            "name": "MDVSA-2015:164",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT205267"
          },
          {
            "name": "HPSBMU03220",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "60024",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60024"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
          },
          {
            "name": "61622",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61622"
          },
          {
            "name": "20140926 GNU Bash Environment Variable Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/security/cve/CVE-2014-7186.html"
          },
          {
            "name": "[oss-security] 20140928 Re: CVE-2014-6271: remote code execution through bash",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2014/09/28/10"
          },
          {
            "name": "62343",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62343"
          },
          {
            "name": "61565",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61565"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.suse.com/support/shellshock/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/HT204244"
          },
          {
            "name": "HPSBST03157",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
          },
          {
            "name": "61313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61313"
          },
          {
            "name": "SSRT101830",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
          },
          {
            "name": "SSRT101742",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "61873",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61873"
          },
          {
            "name": "[oss-security] 20140926 Re: Fwd: Non-upstream patches for bash",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2014/09/26/2"
          },
          {
            "name": "61485",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61485"
          },
          {
            "name": "openSUSE-SU-2014:1242",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
          },
          {
            "name": "61618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61618"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
          },
          {
            "name": "HPSBST03154",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
          },
          {
            "name": "HPSBGN03142",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
          },
          {
            "name": "61312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61312"
          },
          {
            "name": "60193",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
          },
          {
            "name": "61479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61479"
          },
          {
            "name": "60063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60063"
          },
          {
            "name": "60034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60034"
          },
          {
            "name": "59907",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59907"
          },
          {
            "name": "58200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58200"
          },
          {
            "name": "HPSBST03181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
          },
          {
            "name": "61643",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61643"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
          },
          {
            "name": "61503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61503"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
          },
          {
            "name": "RHSA-2014:1354",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
          },
          {
            "name": "HPSBMU03236",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
          },
          {
            "name": "HPSBST03148",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
          },
          {
            "name": "61552",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61552"
          },
          {
            "name": "61780",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61780"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200223"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
          },
          {
            "name": "62228",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62228"
          },
          {
            "name": "HPSBGN03138",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
          },
          {
            "name": "60044",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60044"
          },
          {
            "name": "61291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61291"
          },
          {
            "name": "HPSBHF03125",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
          },
          {
            "name": "61287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61287"
          },
          {
            "name": "HPSBGN03233",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "SSRT101739",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61711",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61711"
          },
          {
            "name": "HPSBOV03228",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
          },
          {
            "name": "APPLE-SA-2015-01-27-4",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
          },
          {
            "name": "HPSBGN03141",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
          },
          {
            "name": "RHSA-2014:1311",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
          },
          {
            "name": "61128",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61128"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200217"
          },
          {
            "name": "61471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61471"
          },
          {
            "name": "60055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60055"
          },
          {
            "name": "61550",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61550"
          },
          {
            "name": "61633",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61633"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
          },
          {
            "name": "SUSE-SU-2014:1259",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
          },
          {
            "name": "61328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
          },
          {
            "name": "61129",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61129"
          },
          {
            "name": "61603",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61603"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted use of here documents, aka the \"redir_stack\" issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
        },
        {
          "name": "HPSBMU03165",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
        },
        {
          "name": "HPSBST03131",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
        },
        {
          "name": "SSRT101819",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
        },
        {
          "name": "HPSBMU03245",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "openSUSE-SU-2014:1229",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
        },
        {
          "name": "61188",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61188"
        },
        {
          "name": "JVN#55667175",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
        },
        {
          "name": "openSUSE-SU-2014:1254",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
        },
        {
          "name": "60433",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60433"
        },
        {
          "name": "[oss-security] 20140925 Fwd: Non-upstream patches for bash",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2014/09/25/32"
        },
        {
          "name": "HPSBMU03143",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
        },
        {
          "name": "HPSBMU03182",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
        },
        {
          "name": "HPSBST03155",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
        },
        {
          "name": "61636",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61636"
        },
        {
          "name": "61816",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61816"
        },
        {
          "name": "61442",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61442"
        },
        {
          "name": "HPSBMU03246",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
        },
        {
          "name": "61283",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61283"
        },
        {
          "name": "SSRT101711",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
        },
        {
          "name": "APPLE-SA-2015-09-30-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
        },
        {
          "name": "61654",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61654"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
        },
        {
          "name": "62312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62312"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
        },
        {
          "name": "HPSBMU03217",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "RHSA-2014:1312",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
        },
        {
          "name": "SSRT101868",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61703",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61703"
        },
        {
          "name": "USN-2364-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2364-1"
        },
        {
          "name": "61065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61065"
        },
        {
          "name": "HPSBST03129",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
        },
        {
          "name": "HPSBMU03144",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
        },
        {
          "name": "JVNDB-2014-000126",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
        },
        {
          "name": "SSRT101827",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "61641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61641"
        },
        {
          "name": "SUSE-SU-2014:1247",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
        },
        {
          "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
        },
        {
          "name": "MDVSA-2015:164",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT205267"
        },
        {
          "name": "HPSBMU03220",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "60024",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60024"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
        },
        {
          "name": "61622",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61622"
        },
        {
          "name": "20140926 GNU Bash Environment Variable Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/security/cve/CVE-2014-7186.html"
        },
        {
          "name": "[oss-security] 20140928 Re: CVE-2014-6271: remote code execution through bash",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2014/09/28/10"
        },
        {
          "name": "62343",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62343"
        },
        {
          "name": "61565",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61565"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.suse.com/support/shellshock/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/HT204244"
        },
        {
          "name": "HPSBST03157",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
        },
        {
          "name": "61313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61313"
        },
        {
          "name": "SSRT101830",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
        },
        {
          "name": "SSRT101742",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "61873",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61873"
        },
        {
          "name": "[oss-security] 20140926 Re: Fwd: Non-upstream patches for bash",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2014/09/26/2"
        },
        {
          "name": "61485",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61485"
        },
        {
          "name": "openSUSE-SU-2014:1242",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
        },
        {
          "name": "61618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61618"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
        },
        {
          "name": "HPSBST03154",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
        },
        {
          "name": "HPSBGN03142",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
        },
        {
          "name": "61312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61312"
        },
        {
          "name": "60193",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
        },
        {
          "name": "61479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61479"
        },
        {
          "name": "60063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60063"
        },
        {
          "name": "60034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60034"
        },
        {
          "name": "59907",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59907"
        },
        {
          "name": "58200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58200"
        },
        {
          "name": "HPSBST03181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
        },
        {
          "name": "61643",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61643"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
        },
        {
          "name": "61503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61503"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
        },
        {
          "name": "RHSA-2014:1354",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
        },
        {
          "name": "HPSBMU03236",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
        },
        {
          "name": "HPSBST03148",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
        },
        {
          "name": "61552",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61552"
        },
        {
          "name": "61780",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61780"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200223"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
        },
        {
          "name": "62228",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62228"
        },
        {
          "name": "HPSBGN03138",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
        },
        {
          "name": "60044",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60044"
        },
        {
          "name": "61291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61291"
        },
        {
          "name": "HPSBHF03125",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
        },
        {
          "name": "61287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61287"
        },
        {
          "name": "HPSBGN03233",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "SSRT101739",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61711",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61711"
        },
        {
          "name": "HPSBOV03228",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
        },
        {
          "name": "APPLE-SA-2015-01-27-4",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
        },
        {
          "name": "HPSBGN03141",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
        },
        {
          "name": "RHSA-2014:1311",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
        },
        {
          "name": "61128",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61128"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200217"
        },
        {
          "name": "61471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61471"
        },
        {
          "name": "60055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60055"
        },
        {
          "name": "61550",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61550"
        },
        {
          "name": "61633",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61633"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
        },
        {
          "name": "SUSE-SU-2014:1259",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
        },
        {
          "name": "61328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
        },
        {
          "name": "61129",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61129"
        },
        {
          "name": "61603",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61603"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-7186",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted use of here documents, aka the \"redir_stack\" issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
            },
            {
              "name": "HPSBMU03165",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
            },
            {
              "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts",
              "refsource": "CONFIRM",
              "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
            },
            {
              "name": "HPSBST03131",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
            },
            {
              "name": "SSRT101819",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
            },
            {
              "name": "HPSBMU03245",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2014:1229",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
            },
            {
              "name": "61188",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61188"
            },
            {
              "name": "JVN#55667175",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
            },
            {
              "name": "openSUSE-SU-2014:1254",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
            },
            {
              "name": "60433",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60433"
            },
            {
              "name": "[oss-security] 20140925 Fwd: Non-upstream patches for bash",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2014/09/25/32"
            },
            {
              "name": "HPSBMU03143",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
            },
            {
              "name": "HPSBMU03182",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
            },
            {
              "name": "HPSBST03155",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
            },
            {
              "name": "61636",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61636"
            },
            {
              "name": "61816",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61816"
            },
            {
              "name": "61442",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61442"
            },
            {
              "name": "HPSBMU03246",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
            },
            {
              "name": "61283",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61283"
            },
            {
              "name": "SSRT101711",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
            },
            {
              "name": "APPLE-SA-2015-09-30-3",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
            },
            {
              "name": "61654",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61654"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
            },
            {
              "name": "62312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62312"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
            },
            {
              "name": "HPSBMU03217",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "RHSA-2014:1312",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
            },
            {
              "name": "SSRT101868",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61703",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61703"
            },
            {
              "name": "USN-2364-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2364-1"
            },
            {
              "name": "61065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61065"
            },
            {
              "name": "HPSBST03129",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
            },
            {
              "name": "HPSBMU03144",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
            },
            {
              "name": "JVNDB-2014-000126",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
            },
            {
              "name": "SSRT101827",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "61641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61641"
            },
            {
              "name": "SUSE-SU-2014:1247",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
            },
            {
              "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
            },
            {
              "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
            },
            {
              "name": "MDVSA-2015:164",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
            },
            {
              "name": "https://support.apple.com/HT205267",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT205267"
            },
            {
              "name": "HPSBMU03220",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "60024",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60024"
            },
            {
              "name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
            },
            {
              "name": "61622",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61622"
            },
            {
              "name": "20140926 GNU Bash Environment Variable Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
            },
            {
              "name": "http://support.novell.com/security/cve/CVE-2014-7186.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/security/cve/CVE-2014-7186.html"
            },
            {
              "name": "[oss-security] 20140928 Re: CVE-2014-6271: remote code execution through bash",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2014/09/28/10"
            },
            {
              "name": "62343",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62343"
            },
            {
              "name": "61565",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61565"
            },
            {
              "name": "https://www.suse.com/support/shellshock/",
              "refsource": "CONFIRM",
              "url": "https://www.suse.com/support/shellshock/"
            },
            {
              "name": "http://support.apple.com/HT204244",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/HT204244"
            },
            {
              "name": "HPSBST03157",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
            },
            {
              "name": "61313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61313"
            },
            {
              "name": "SSRT101830",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
            },
            {
              "name": "SSRT101742",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "61873",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61873"
            },
            {
              "name": "[oss-security] 20140926 Re: Fwd: Non-upstream patches for bash",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2014/09/26/2"
            },
            {
              "name": "61485",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61485"
            },
            {
              "name": "openSUSE-SU-2014:1242",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
            },
            {
              "name": "61618",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61618"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
            },
            {
              "name": "HPSBST03154",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
            },
            {
              "name": "HPSBGN03142",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
            },
            {
              "name": "61312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61312"
            },
            {
              "name": "60193",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60193"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
            },
            {
              "name": "61479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61479"
            },
            {
              "name": "60063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60063"
            },
            {
              "name": "60034",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60034"
            },
            {
              "name": "59907",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59907"
            },
            {
              "name": "58200",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58200"
            },
            {
              "name": "HPSBST03181",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
            },
            {
              "name": "61643",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61643"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015721",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
            },
            {
              "name": "61503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61503"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
            },
            {
              "name": "RHSA-2014:1354",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
            },
            {
              "name": "HPSBMU03236",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
            },
            {
              "name": "http://www.qnap.com/i/en/support/con_show.php?cid=61",
              "refsource": "CONFIRM",
              "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
            },
            {
              "name": "HPSBST03148",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
            },
            {
              "name": "61552",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61552"
            },
            {
              "name": "61780",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61780"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
            },
            {
              "name": "https://support.citrix.com/article/CTX200223",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200223"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
            },
            {
              "name": "62228",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62228"
            },
            {
              "name": "HPSBGN03138",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
            },
            {
              "name": "60044",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60044"
            },
            {
              "name": "61291",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61291"
            },
            {
              "name": "HPSBHF03125",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
            },
            {
              "name": "61287",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61287"
            },
            {
              "name": "HPSBGN03233",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "SSRT101739",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61711",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61711"
            },
            {
              "name": "HPSBOV03228",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
            },
            {
              "name": "APPLE-SA-2015-01-27-4",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
            },
            {
              "name": "HPSBGN03141",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
            },
            {
              "name": "RHSA-2014:1311",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
            },
            {
              "name": "61128",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61128"
            },
            {
              "name": "https://support.citrix.com/article/CTX200217",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200217"
            },
            {
              "name": "61471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61471"
            },
            {
              "name": "60055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60055"
            },
            {
              "name": "61550",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61550"
            },
            {
              "name": "61633",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61633"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
            },
            {
              "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82",
              "refsource": "CONFIRM",
              "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
            },
            {
              "name": "SUSE-SU-2014:1259",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
            },
            {
              "name": "61328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61328"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
            },
            {
              "name": "61129",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61129"
            },
            {
              "name": "61603",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61603"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-7186",
    "datePublished": "2014-09-28T19:00:00",
    "dateReserved": "2014-09-25T00:00:00",
    "dateUpdated": "2024-08-06T12:40:19.198Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-0423 (GCVE-0-2014-0423)

Vulnerability from cvelistv5

Published

2014-01-15 02:50

Modified

2024-08-06 09:13

Severity ?

CWE

n/a

Summary

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding.

References

URL

Tags

	http://secunia.com/advisories/56432	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/90340	vdb-entry, x_refsource_XF
	https://access.redhat.com/errata/RHSA-2014:0414	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2014-0136.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=139402749111889&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-0135.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/64914	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/56535	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2089-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1053066	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-0030.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2014-0097.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/56485	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=139402697611681&w=2	vendor-advisory, x_refsource_HP
	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777	x_refsource_CONFIRM
	http://secunia.com/advisories/59283	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=139402697611681&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-0027.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/56486	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=139402749111889&w=2	vendor-advisory, x_refsource_HP
	http://www.securitytracker.com/id/1029608	vdb-entry, x_refsource_SECTRACK
	http://www.ubuntu.com/usn/USN-2124-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/56487	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=swg21677388	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-0026.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21679287	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/64758	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/60568	third-party-advisory, x_refsource_SECUNIA
	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-0134.html	vendor-advisory, x_refsource_REDHAT
	http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/995b32f013f5	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:13:10.491Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "56432",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56432"
          },
          {
            "name": "oracle-cpujan2014-cve20140423(90340)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90340"
          },
          {
            "name": "RHSA-2014:0414",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2014:0414"
          },
          {
            "name": "RHSA-2014:0136",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
          },
          {
            "name": "openSUSE-SU-2014:0174",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
          },
          {
            "name": "SSRT101455",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
          },
          {
            "name": "RHSA-2014:0135",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
          },
          {
            "name": "64914",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/64914"
          },
          {
            "name": "56535",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56535"
          },
          {
            "name": "USN-2089-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2089-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066"
          },
          {
            "name": "RHSA-2014:0030",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
          },
          {
            "name": "RHSA-2014:0097",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
          },
          {
            "name": "56485",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56485"
          },
          {
            "name": "SSRT101454",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
          },
          {
            "name": "59283",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59283"
          },
          {
            "name": "HPSBUX02972",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
          },
          {
            "name": "RHSA-2014:0027",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
          },
          {
            "name": "56486",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56486"
          },
          {
            "name": "SUSE-SU-2014:0451",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
          },
          {
            "name": "HPSBUX02973",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
          },
          {
            "name": "1029608",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1029608"
          },
          {
            "name": "USN-2124-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2124-1"
          },
          {
            "name": "56487",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56487"
          },
          {
            "name": "SUSE-SU-2014:0266",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
          },
          {
            "name": "RHSA-2014:0026",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679287"
          },
          {
            "name": "64758",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/64758"
          },
          {
            "name": "SUSE-SU-2014:0246",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
          },
          {
            "name": "60568",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60568"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
          },
          {
            "name": "RHSA-2014:0134",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/995b32f013f5"
          },
          {
            "name": "openSUSE-SU-2014:0180",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
          },
          {
            "name": "openSUSE-SU-2014:0177",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans.  NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "56432",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56432"
        },
        {
          "name": "oracle-cpujan2014-cve20140423(90340)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90340"
        },
        {
          "name": "RHSA-2014:0414",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2014:0414"
        },
        {
          "name": "RHSA-2014:0136",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
        },
        {
          "name": "openSUSE-SU-2014:0174",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
        },
        {
          "name": "SSRT101455",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
        },
        {
          "name": "RHSA-2014:0135",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
        },
        {
          "name": "64914",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/64914"
        },
        {
          "name": "56535",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56535"
        },
        {
          "name": "USN-2089-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2089-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066"
        },
        {
          "name": "RHSA-2014:0030",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
        },
        {
          "name": "RHSA-2014:0097",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
        },
        {
          "name": "56485",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56485"
        },
        {
          "name": "SSRT101454",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
        },
        {
          "name": "59283",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59283"
        },
        {
          "name": "HPSBUX02972",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
        },
        {
          "name": "RHSA-2014:0027",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
        },
        {
          "name": "56486",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56486"
        },
        {
          "name": "SUSE-SU-2014:0451",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
        },
        {
          "name": "HPSBUX02973",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
        },
        {
          "name": "1029608",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1029608"
        },
        {
          "name": "USN-2124-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2124-1"
        },
        {
          "name": "56487",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56487"
        },
        {
          "name": "SUSE-SU-2014:0266",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
        },
        {
          "name": "RHSA-2014:0026",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679287"
        },
        {
          "name": "64758",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/64758"
        },
        {
          "name": "SUSE-SU-2014:0246",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
        },
        {
          "name": "60568",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60568"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
        },
        {
          "name": "RHSA-2014:0134",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/995b32f013f5"
        },
        {
          "name": "openSUSE-SU-2014:0180",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
        },
        {
          "name": "openSUSE-SU-2014:0177",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2014-0423",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans.  NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "56432",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56432"
            },
            {
              "name": "oracle-cpujan2014-cve20140423(90340)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90340"
            },
            {
              "name": "RHSA-2014:0414",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2014:0414"
            },
            {
              "name": "RHSA-2014:0136",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
            },
            {
              "name": "openSUSE-SU-2014:0174",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
            },
            {
              "name": "SSRT101455",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
            },
            {
              "name": "RHSA-2014:0135",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
            },
            {
              "name": "64914",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/64914"
            },
            {
              "name": "56535",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56535"
            },
            {
              "name": "USN-2089-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2089-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066"
            },
            {
              "name": "RHSA-2014:0030",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
            },
            {
              "name": "RHSA-2014:0097",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
            },
            {
              "name": "56485",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56485"
            },
            {
              "name": "SSRT101454",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
            },
            {
              "name": "59283",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59283"
            },
            {
              "name": "HPSBUX02972",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
            },
            {
              "name": "RHSA-2014:0027",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
            },
            {
              "name": "56486",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56486"
            },
            {
              "name": "SUSE-SU-2014:0451",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
            },
            {
              "name": "HPSBUX02973",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
            },
            {
              "name": "1029608",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1029608"
            },
            {
              "name": "USN-2124-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2124-1"
            },
            {
              "name": "56487",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56487"
            },
            {
              "name": "SUSE-SU-2014:0266",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
            },
            {
              "name": "RHSA-2014:0026",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679287",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679287"
            },
            {
              "name": "64758",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/64758"
            },
            {
              "name": "SUSE-SU-2014:0246",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
            },
            {
              "name": "60568",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60568"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
            },
            {
              "name": "RHSA-2014:0134",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
            },
            {
              "name": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/995b32f013f5",
              "refsource": "CONFIRM",
              "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/995b32f013f5"
            },
            {
              "name": "openSUSE-SU-2014:0180",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
            },
            {
              "name": "openSUSE-SU-2014:0177",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2014-0423",
    "datePublished": "2014-01-15T02:50:00",
    "dateReserved": "2013-12-12T00:00:00",
    "dateUpdated": "2024-08-06T09:13:10.491Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-4833 (GCVE-0-2014-4833)

Vulnerability from cvelistv5

Published

2014-10-19 01:00

Modified

2024-08-06 11:27

Severity ?

CWE

n/a

Summary

IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote authenticated users to gain privileges via invalid input.

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilities/95583	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21686478	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:27:36.874Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-qvm-cve20144833-priv-esc(95583)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95583"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote authenticated users to gain privileges via invalid input."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-qvm-cve20144833-priv-esc(95583)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95583"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-4833",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote authenticated users to gain privileges via invalid input."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-qvm-cve20144833-priv-esc(95583)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95583"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-4833",
    "datePublished": "2014-10-19T01:00:00",
    "dateReserved": "2014-07-09T00:00:00",
    "dateUpdated": "2024-08-06T11:27:36.874Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-2329 (GCVE-0-2012-2329)

Vulnerability from cvelistv5

Published

2012-05-11 10:00

Modified

2024-08-06 19:34

Severity ?

CWE

n/a

Summary

Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.

References

URL

Tags

	https://bugs.php.net/bug.php?id=61807	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/75545	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/49014	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=820000	x_refsource_CONFIRM
	http://www.php.net/archive/2012.php#id2012-05-08-1	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/53455	vdb-entry, x_refsource_BID
	https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862	vendor-advisory, x_refsource_HP
	https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862	vendor-advisory, x_refsource_HP
	http://www.php.net/ChangeLog-5.php#5.4.3	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:34:23.733Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=61807"
          },
          {
            "name": "php-apacherequestheaders-bo(75545)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75545"
          },
          {
            "name": "49014",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49014"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=820000"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/archive/2012.php#id2012-05-08-1"
          },
          {
            "name": "53455",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/53455"
          },
          {
            "name": "SSRT100992",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
          },
          {
            "name": "HPSBMU02900",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-5.php#5.4.3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-05-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.php.net/bug.php?id=61807"
        },
        {
          "name": "php-apacherequestheaders-bo(75545)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75545"
        },
        {
          "name": "49014",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49014"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=820000"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/archive/2012.php#id2012-05-08-1"
        },
        {
          "name": "53455",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/53455"
        },
        {
          "name": "SSRT100992",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
        },
        {
          "name": "HPSBMU02900",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-5.php#5.4.3"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-2329",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.php.net/bug.php?id=61807",
              "refsource": "CONFIRM",
              "url": "https://bugs.php.net/bug.php?id=61807"
            },
            {
              "name": "php-apacherequestheaders-bo(75545)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75545"
            },
            {
              "name": "49014",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49014"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=820000",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=820000"
            },
            {
              "name": "http://www.php.net/archive/2012.php#id2012-05-08-1",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/archive/2012.php#id2012-05-08-1"
            },
            {
              "name": "53455",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/53455"
            },
            {
              "name": "SSRT100992",
              "refsource": "HP",
              "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
            },
            {
              "name": "HPSBMU02900",
              "refsource": "HP",
              "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
            },
            {
              "name": "http://www.php.net/ChangeLog-5.php#5.4.3",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/ChangeLog-5.php#5.4.3"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-2329",
    "datePublished": "2012-05-11T10:00:00",
    "dateReserved": "2012-04-19T00:00:00",
    "dateUpdated": "2024-08-06T19:34:23.733Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3435 (GCVE-0-2010-3435)

Vulnerability from cvelistv5

Published

2011-01-24 17:00

Modified

2024-08-07 03:11

Severity ?

CWE

n/a

Summary

The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory.

References

URL

Tags

	http://openwall.com/lists/oss-security/2010/09/27/5	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2010/09/21/3	mailing-list, x_refsource_MLIST
	http://security.gentoo.org/glsa/glsa-201206-31.xml	vendor-advisory, x_refsource_GENTOO
	http://lists.vmware.com/pipermail/security-announce/2011/000126.html	mailing-list, x_refsource_MLIST
	http://www.vupen.com/english/advisories/2011/0606	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/archive/1/516909/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.openwall.com/lists/oss-security/2010/09/24/2	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2010/09/27/10	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2010/09/27/4	mailing-list, x_refsource_MLIST
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:220	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/49711	third-party-advisory, x_refsource_SECUNIA
	http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2010/09/27/7	mailing-list, x_refsource_MLIST
	http://www.redhat.com/support/errata/RHSA-2010-0891.html	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=641335	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2010/10/25/2	mailing-list, x_refsource_MLIST
	http://www.redhat.com/support/errata/RHSA-2010-0819.html	vendor-advisory, x_refsource_REDHAT
	http://www.vmware.com/security/advisories/VMSA-2011-0004.html	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2010/09/27/8	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:11:44.348Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20100927 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/09/27/5"
          },
          {
            "name": "[oss-security] 20100921 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/09/21/3"
          },
          {
            "name": "GLSA-201206-31",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201206-31.xml"
          },
          {
            "name": "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2011/000126.html"
          },
          {
            "name": "ADV-2011-0606",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0606"
          },
          {
            "name": "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/516909/100/0/threaded"
          },
          {
            "name": "[oss-security] 20100924 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/09/24/2"
          },
          {
            "name": "[oss-security] 20100928 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/09/27/10"
          },
          {
            "name": "[oss-security] 20100927 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/09/27/4"
          },
          {
            "name": "MDVSA-2010:220",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220"
          },
          {
            "name": "49711",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49711"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6"
          },
          {
            "name": "[oss-security] 20100928 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/09/27/7"
          },
          {
            "name": "RHSA-2010:0891",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0891.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=641335"
          },
          {
            "name": "[oss-security] 20101025 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/10/25/2"
          },
          {
            "name": "RHSA-2010:0819",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0819.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0004.html"
          },
          {
            "name": "[oss-security] 20100927 Re: Minor security flaw with pam_xauth",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/09/27/8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-09-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink attack on the .pam_environment file in a user\u0027s home directory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[oss-security] 20100927 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/09/27/5"
        },
        {
          "name": "[oss-security] 20100921 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/09/21/3"
        },
        {
          "name": "GLSA-201206-31",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201206-31.xml"
        },
        {
          "name": "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2011/000126.html"
        },
        {
          "name": "ADV-2011-0606",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0606"
        },
        {
          "name": "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/516909/100/0/threaded"
        },
        {
          "name": "[oss-security] 20100924 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/09/24/2"
        },
        {
          "name": "[oss-security] 20100928 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/09/27/10"
        },
        {
          "name": "[oss-security] 20100927 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/09/27/4"
        },
        {
          "name": "MDVSA-2010:220",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220"
        },
        {
          "name": "49711",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49711"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6"
        },
        {
          "name": "[oss-security] 20100928 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/09/27/7"
        },
        {
          "name": "RHSA-2010:0891",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0891.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=641335"
        },
        {
          "name": "[oss-security] 20101025 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/10/25/2"
        },
        {
          "name": "RHSA-2010:0819",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0819.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2011-0004.html"
        },
        {
          "name": "[oss-security] 20100927 Re: Minor security flaw with pam_xauth",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/09/27/8"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-3435",
    "datePublished": "2011-01-24T17:00:00",
    "dateReserved": "2010-09-17T00:00:00",
    "dateUpdated": "2024-08-07T03:11:44.348Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-0791 (GCVE-0-2013-0791)

Vulnerability from cvelistv5

Published

2013-04-03 10:00

Modified

2024-08-06 14:41

Severity ?

CWE

n/a

Summary

The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate.

References

URL

Tags

	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-1791-1	vendor-advisory, x_refsource_UBUNTU
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17150	vdb-entry, signature, x_refsource_OVAL
	http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2013-1135.html	vendor-advisory, x_refsource_REDHAT
	http://www.mozilla.org/security/announce/2013/mfsa2013-40.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/58826	vdb-entry, x_refsource_BID
	http://rhn.redhat.com/errata/RHSA-2013-1144.html	vendor-advisory, x_refsource_REDHAT
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.mozilla.org/show_bug.cgi?id=629816	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:41:47.091Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
          },
          {
            "name": "SUSE-SU-2013:0850",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html"
          },
          {
            "name": "USN-1791-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1791-1"
          },
          {
            "name": "oval:org.mitre.oval:def:17150",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17150"
          },
          {
            "name": "openSUSE-SU-2013:0630",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html"
          },
          {
            "name": "RHSA-2013:1135",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1135.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-40.html"
          },
          {
            "name": "58826",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/58826"
          },
          {
            "name": "RHSA-2013:1144",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1144.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
          },
          {
            "name": "openSUSE-SU-2013:0631",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=629816"
          },
          {
            "name": "SUSE-SU-2013:0645",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-04-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
        },
        {
          "name": "SUSE-SU-2013:0850",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html"
        },
        {
          "name": "USN-1791-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1791-1"
        },
        {
          "name": "oval:org.mitre.oval:def:17150",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17150"
        },
        {
          "name": "openSUSE-SU-2013:0630",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html"
        },
        {
          "name": "RHSA-2013:1135",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1135.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-40.html"
        },
        {
          "name": "58826",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/58826"
        },
        {
          "name": "RHSA-2013:1144",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1144.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
        },
        {
          "name": "openSUSE-SU-2013:0631",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=629816"
        },
        {
          "name": "SUSE-SU-2013:0645",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@mozilla.org",
          "ID": "CVE-2013-0791",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
            },
            {
              "name": "SUSE-SU-2013:0850",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html"
            },
            {
              "name": "USN-1791-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1791-1"
            },
            {
              "name": "oval:org.mitre.oval:def:17150",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17150"
            },
            {
              "name": "openSUSE-SU-2013:0630",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html"
            },
            {
              "name": "RHSA-2013:1135",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1135.html"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2013/mfsa2013-40.html",
              "refsource": "CONFIRM",
              "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-40.html"
            },
            {
              "name": "58826",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/58826"
            },
            {
              "name": "RHSA-2013:1144",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1144.html"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
            },
            {
              "name": "openSUSE-SU-2013:0631",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=629816",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=629816"
            },
            {
              "name": "SUSE-SU-2013:0645",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2013-0791",
    "datePublished": "2013-04-03T10:00:00",
    "dateReserved": "2013-01-02T00:00:00",
    "dateUpdated": "2024-08-06T14:41:47.091Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0010 (GCVE-0-2011-0010)

Vulnerability from cvelistv5

Published

2011-01-18 17:00

Modified

2024-08-06 21:36

Severity ?

CWE

n/a

Summary

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command.

References

URL

Tags

	http://www.vupen.com/english/advisories/2011/0362	vdb-entry, x_refsource_VUPEN
	http://www.sudo.ws/sudo/alerts/runas_group_pw.html	x_refsource_CONFIRM
	http://secunia.com/advisories/43068	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-201203-06.xml	vendor-advisory, x_refsource_GENTOO
	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.593654	vendor-advisory, x_refsource_SLACKWARE
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:018	vendor-advisory, x_refsource_MANDRIVA
	http://www.sudo.ws/repos/sudo/rev/07d1b0ce530e	x_refsource_MISC
	http://www.vupen.com/english/advisories/2011/0089	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2011/0212	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/42949	third-party-advisory, x_refsource_SECUNIA
	http://openwall.com/lists/oss-security/2011/01/11/3	mailing-list, x_refsource_MLIST
	http://www.vupen.com/english/advisories/2011/0182	vdb-entry, x_refsource_VUPEN
	http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053263.html	vendor-advisory, x_refsource_FEDORA
	http://www.vupen.com/english/advisories/2011/0199	vdb-entry, x_refsource_VUPEN
	http://www.ubuntu.com/usn/USN-1046-1	vendor-advisory, x_refsource_UBUNTU
	http://www.redhat.com/support/errata/RHSA-2011-0599.html	vendor-advisory, x_refsource_REDHAT
	http://openwall.com/lists/oss-security/2011/01/12/1	mailing-list, x_refsource_MLIST
	http://www.osvdb.org/70400	vdb-entry, x_refsource_OSVDB
	http://secunia.com/advisories/42886	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	vendor-advisory, x_refsource_SUSE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/64636	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/45774	vdb-entry, x_refsource_BID
	http://openwall.com/lists/oss-security/2011/01/12/3	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/43282	third-party-advisory, x_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053341.html	vendor-advisory, x_refsource_FEDORA
	http://www.sudo.ws/repos/sudo/rev/fe8a94f96542	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0195	vdb-entry, x_refsource_VUPEN
	https://bugzilla.redhat.com/show_bug.cgi?id=668879	x_refsource_CONFIRM
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609641	x_refsource_CONFIRM
	http://secunia.com/advisories/42968	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:36:02.385Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2011-0362",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0362"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/sudo/alerts/runas_group_pw.html"
          },
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "GLSA-201203-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201203-06.xml"
          },
          {
            "name": "SSA:2011-041-05",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.593654"
          },
          {
            "name": "MDVSA-2011:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:018"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/repos/sudo/rev/07d1b0ce530e"
          },
          {
            "name": "ADV-2011-0089",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0089"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "42949",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42949"
          },
          {
            "name": "[oss-security] 20110111 CVE request: sudo does not ask for password on GID changes",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/01/11/3"
          },
          {
            "name": "ADV-2011-0182",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0182"
          },
          {
            "name": "FEDORA-2011-0470",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053263.html"
          },
          {
            "name": "ADV-2011-0199",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0199"
          },
          {
            "name": "USN-1046-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1046-1"
          },
          {
            "name": "RHSA-2011:0599",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0599.html"
          },
          {
            "name": "[oss-security] 20110112 Re: CVE request: sudo does not ask for password on GID changes",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/01/12/1"
          },
          {
            "name": "70400",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/70400"
          },
          {
            "name": "42886",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42886"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "name": "sudo-groupid-privilege-escalation(64636)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64636"
          },
          {
            "name": "45774",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/45774"
          },
          {
            "name": "[oss-security] 20110112 Re: CVE request: sudo does not ask for password on GID changes",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/01/12/3"
          },
          {
            "name": "43282",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43282"
          },
          {
            "name": "FEDORA-2011-0455",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053341.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/repos/sudo/rev/fe8a94f96542"
          },
          {
            "name": "ADV-2011-0195",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0195"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=668879"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609641"
          },
          {
            "name": "42968",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42968"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-01-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T18:57:02",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "ADV-2011-0362",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0362"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/sudo/alerts/runas_group_pw.html"
        },
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "name": "GLSA-201203-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201203-06.xml"
        },
        {
          "name": "SSA:2011-041-05",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.593654"
        },
        {
          "name": "MDVSA-2011:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:018"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.sudo.ws/repos/sudo/rev/07d1b0ce530e"
        },
        {
          "name": "ADV-2011-0089",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0089"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "name": "42949",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42949"
        },
        {
          "name": "[oss-security] 20110111 CVE request: sudo does not ask for password on GID changes",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/01/11/3"
        },
        {
          "name": "ADV-2011-0182",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0182"
        },
        {
          "name": "FEDORA-2011-0470",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053263.html"
        },
        {
          "name": "ADV-2011-0199",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0199"
        },
        {
          "name": "USN-1046-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1046-1"
        },
        {
          "name": "RHSA-2011:0599",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0599.html"
        },
        {
          "name": "[oss-security] 20110112 Re: CVE request: sudo does not ask for password on GID changes",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/01/12/1"
        },
        {
          "name": "70400",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/70400"
        },
        {
          "name": "42886",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42886"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "name": "sudo-groupid-privilege-escalation(64636)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64636"
        },
        {
          "name": "45774",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/45774"
        },
        {
          "name": "[oss-security] 20110112 Re: CVE request: sudo does not ask for password on GID changes",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/01/12/3"
        },
        {
          "name": "43282",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43282"
        },
        {
          "name": "FEDORA-2011-0455",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053341.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/repos/sudo/rev/fe8a94f96542"
        },
        {
          "name": "ADV-2011-0195",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0195"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=668879"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609641"
        },
        {
          "name": "42968",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42968"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-0010",
    "datePublished": "2011-01-18T17:00:00",
    "dateReserved": "2010-12-07T00:00:00",
    "dateUpdated": "2024-08-06T21:36:02.385Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-0096 (GCVE-0-2014-0096)

Vulnerability from cvelistv5

Published

2014-05-31 10:00

Modified

2024-08-06 09:05

Severity ?

CWE

n/a

Summary

java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

References

URL

Tags

	http://advisories.mageia.org/MGASA-2014-0268.html	x_refsource_CONFIRM
	http://www.novell.com/support/kb/doc.php?id=7010166	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/67667	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/59121	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2015-0765.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/59732	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59835	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2015-0675.html	vendor-advisory, x_refsource_REDHAT
	http://www.vmware.com/security/advisories/VMSA-2014-0012.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21681528	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:052	vendor-advisory, x_refsource_MANDRIVA
	http://rhn.redhat.com/errata/RHSA-2015-0720.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/59849	third-party-advisory, x_refsource_SECUNIA
	http://linux.oracle.com/errata/ELSA-2014-0865.html	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1578637	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:084	vendor-advisory, x_refsource_MANDRIVA
	http://www.securitytracker.com/id/1030301	vdb-entry, x_refsource_SECTRACK
	http://www.debian.org/security/2016/dsa-3530	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/59678	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141017844705317&w=2	vendor-advisory, x_refsource_HP
	http://tomcat.apache.org/security-7.html	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/534161/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:053	vendor-advisory, x_refsource_MANDRIVA
	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html	vendor-advisory, x_refsource_FEDORA
	http://tomcat.apache.org/security-8.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21678231	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1585853	x_refsource_CONFIRM
	http://secunia.com/advisories/59616	third-party-advisory, x_refsource_SECUNIA
	http://seclists.org/fulldisclosure/2014/May/135	mailing-list, x_refsource_FULLDISC
	http://tomcat.apache.org/security-6.html	x_refsource_CONFIRM
	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1578655	x_refsource_CONFIRM
	http://secunia.com/advisories/59873	third-party-advisory, x_refsource_SECUNIA
	http://seclists.org/fulldisclosure/2014/Dec/23	mailing-list, x_refsource_FULLDISC
	http://marc.info/?l=bugtraq&m=144498216801440&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141017844705317&w=2	vendor-advisory, x_refsource_HP
	http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1578610	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1578611	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3552	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/60729	third-party-advisory, x_refsource_SECUNIA
	https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:05:38.741Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2014-0268.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7010166"
          },
          {
            "name": "67667",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/67667"
          },
          {
            "name": "59121",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59121"
          },
          {
            "name": "RHSA-2015:0765",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
          },
          {
            "name": "59732",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59732"
          },
          {
            "name": "59835",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59835"
          },
          {
            "name": "RHSA-2015:0675",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
          },
          {
            "name": "MDVSA-2015:052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052"
          },
          {
            "name": "RHSA-2015:0720",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
          },
          {
            "name": "59849",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59849"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-0865.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578637"
          },
          {
            "name": "MDVSA-2015:084",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084"
          },
          {
            "name": "1030301",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030301"
          },
          {
            "name": "DSA-3530",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3530"
          },
          {
            "name": "59678",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59678"
          },
          {
            "name": "HPSBUX03102",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-7.html"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
          },
          {
            "name": "MDVSA-2015:053",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:053"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "name": "FEDORA-2015-2109",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-8.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1585853"
          },
          {
            "name": "59616",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59616"
          },
          {
            "name": "20140527 [SECURITY] CVE-2014-0096 Apache Tomcat information disclosure",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/May/135"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-6.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578655"
          },
          {
            "name": "59873",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59873"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
          },
          {
            "name": "HPSBOV03503",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144498216801440\u0026w=2"
          },
          {
            "name": "SSRT101681",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578610"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578611"
          },
          {
            "name": "DSA-3552",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3552"
          },
          {
            "name": "60729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60729"
          },
          {
            "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-13T16:09:49",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2014-0268.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7010166"
        },
        {
          "name": "67667",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/67667"
        },
        {
          "name": "59121",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59121"
        },
        {
          "name": "RHSA-2015:0765",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
        },
        {
          "name": "59732",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59732"
        },
        {
          "name": "59835",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59835"
        },
        {
          "name": "RHSA-2015:0675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
        },
        {
          "name": "MDVSA-2015:052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052"
        },
        {
          "name": "RHSA-2015:0720",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
        },
        {
          "name": "59849",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59849"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-0865.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578637"
        },
        {
          "name": "MDVSA-2015:084",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084"
        },
        {
          "name": "1030301",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030301"
        },
        {
          "name": "DSA-3530",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3530"
        },
        {
          "name": "59678",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59678"
        },
        {
          "name": "HPSBUX03102",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-7.html"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
        },
        {
          "name": "MDVSA-2015:053",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:053"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
        },
        {
          "name": "FEDORA-2015-2109",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-8.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1585853"
        },
        {
          "name": "59616",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59616"
        },
        {
          "name": "20140527 [SECURITY] CVE-2014-0096 Apache Tomcat information disclosure",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/May/135"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-6.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578655"
        },
        {
          "name": "59873",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59873"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
        },
        {
          "name": "HPSBOV03503",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144498216801440\u0026w=2"
        },
        {
          "name": "SSRT101681",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578610"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578611"
        },
        {
          "name": "DSA-3552",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3552"
        },
        {
          "name": "60729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60729"
        },
        {
          "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2014-0096",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://advisories.mageia.org/MGASA-2014-0268.html",
              "refsource": "CONFIRM",
              "url": "http://advisories.mageia.org/MGASA-2014-0268.html"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7010166",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7010166"
            },
            {
              "name": "67667",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/67667"
            },
            {
              "name": "59121",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59121"
            },
            {
              "name": "RHSA-2015:0765",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
            },
            {
              "name": "59732",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59732"
            },
            {
              "name": "59835",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59835"
            },
            {
              "name": "RHSA-2015:0675",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528"
            },
            {
              "name": "MDVSA-2015:052",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052"
            },
            {
              "name": "RHSA-2015:0720",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
            },
            {
              "name": "59849",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59849"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-0865.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-0865.html"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578637",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578637"
            },
            {
              "name": "MDVSA-2015:084",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084"
            },
            {
              "name": "1030301",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030301"
            },
            {
              "name": "DSA-3530",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3530"
            },
            {
              "name": "59678",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59678"
            },
            {
              "name": "HPSBUX03102",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
            },
            {
              "name": "http://tomcat.apache.org/security-7.html",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-7.html"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
            },
            {
              "name": "MDVSA-2015:053",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:053"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
            },
            {
              "name": "FEDORA-2015-2109",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html"
            },
            {
              "name": "http://tomcat.apache.org/security-8.html",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-8.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1585853",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1585853"
            },
            {
              "name": "59616",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59616"
            },
            {
              "name": "20140527 [SECURITY] CVE-2014-0096 Apache Tomcat information disclosure",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/May/135"
            },
            {
              "name": "http://tomcat.apache.org/security-6.html",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-6.html"
            },
            {
              "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013",
              "refsource": "CONFIRM",
              "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578655",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578655"
            },
            {
              "name": "59873",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59873"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
            },
            {
              "name": "HPSBOV03503",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=144498216801440\u0026w=2"
            },
            {
              "name": "SSRT101681",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578610",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578610"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578611",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1578611"
            },
            {
              "name": "DSA-3552",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3552"
            },
            {
              "name": "60729",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60729"
            },
            {
              "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-0096",
    "datePublished": "2014-05-31T10:00:00",
    "dateReserved": "2013-12-03T00:00:00",
    "dateUpdated": "2024-08-06T09:05:38.741Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-2532 (GCVE-0-2014-2532)

Vulnerability from cvelistv5

Published

2014-03-18 01:00

Modified

2024-08-06 10:14

Severity ?

CWE

n/a

Summary

sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

References

URL

Tags

	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html	x_refsource_CONFIRM
	http://secunia.com/advisories/59855	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/57574	third-party-advisory, x_refsource_SECUNIA
	http://advisories.mageia.org/MGASA-2014-0143.html	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html	vendor-advisory, x_refsource_APPLE
	http://marc.info/?l=bugtraq&m=141576985122836&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141576985122836&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/57488	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:095	vendor-advisory, x_refsource_MANDRIVA
	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html	x_refsource_CONFIRM
	http://secunia.com/advisories/59313	third-party-advisory, x_refsource_SECUNIA
	https://support.apple.com/HT205267	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133537.html	vendor-advisory, x_refsource_FEDORA
	http://www.debian.org/security/2014/dsa-2894	vendor-advisory, x_refsource_DEBIAN
	http://rhn.redhat.com/errata/RHSA-2014-1552.html	vendor-advisory, x_refsource_REDHAT
	http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1029925	vdb-entry, x_refsource_SECTRACK
	http://marc.info/?l=openbsd-security-announce&m=139492048027313&w=2	mailing-list, x_refsource_MLIST
	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2155-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134026.html	vendor-advisory, x_refsource_FEDORA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/91986	vdb-entry, x_refsource_XF
	http://www.mandriva.com/security/advisories?name=MDVSA-2014:068	vendor-advisory, x_refsource_MANDRIVA
	http://www.securityfocus.com/bid/66355	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:14:26.611Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
          },
          {
            "name": "59855",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59855"
          },
          {
            "name": "57574",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/57574"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2014-0143.html"
          },
          {
            "name": "APPLE-SA-2015-09-30-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
          },
          {
            "name": "HPSBUX03188",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141576985122836\u0026w=2"
          },
          {
            "name": "SSRT101487",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141576985122836\u0026w=2"
          },
          {
            "name": "57488",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/57488"
          },
          {
            "name": "MDVSA-2015:095",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:095"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "name": "59313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59313"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT205267"
          },
          {
            "name": "FEDORA-2014-6380",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133537.html"
          },
          {
            "name": "DSA-2894",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2894"
          },
          {
            "name": "RHSA-2014:1552",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1552.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc"
          },
          {
            "name": "1029925",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1029925"
          },
          {
            "name": "[security-announce] 20140315 Announce: OpenSSH 6.6 released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=openbsd-security-announce\u0026m=139492048027313\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
          },
          {
            "name": "USN-2155-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2155-1"
          },
          {
            "name": "FEDORA-2014-6569",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134026.html"
          },
          {
            "name": "openssh-cve20142532-sec-bypass(91986)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91986"
          },
          {
            "name": "MDVSA-2014:068",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:068"
          },
          {
            "name": "66355",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/66355"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-03-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
        },
        {
          "name": "59855",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59855"
        },
        {
          "name": "57574",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/57574"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2014-0143.html"
        },
        {
          "name": "APPLE-SA-2015-09-30-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
        },
        {
          "name": "HPSBUX03188",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141576985122836\u0026w=2"
        },
        {
          "name": "SSRT101487",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141576985122836\u0026w=2"
        },
        {
          "name": "57488",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/57488"
        },
        {
          "name": "MDVSA-2015:095",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:095"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
        },
        {
          "name": "59313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59313"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT205267"
        },
        {
          "name": "FEDORA-2014-6380",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133537.html"
        },
        {
          "name": "DSA-2894",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2894"
        },
        {
          "name": "RHSA-2014:1552",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1552.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc"
        },
        {
          "name": "1029925",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1029925"
        },
        {
          "name": "[security-announce] 20140315 Announce: OpenSSH 6.6 released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=openbsd-security-announce\u0026m=139492048027313\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
        },
        {
          "name": "USN-2155-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2155-1"
        },
        {
          "name": "FEDORA-2014-6569",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134026.html"
        },
        {
          "name": "openssh-cve20142532-sec-bypass(91986)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91986"
        },
        {
          "name": "MDVSA-2014:068",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:068"
        },
        {
          "name": "66355",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/66355"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-2532",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
            },
            {
              "name": "59855",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59855"
            },
            {
              "name": "57574",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/57574"
            },
            {
              "name": "http://advisories.mageia.org/MGASA-2014-0143.html",
              "refsource": "CONFIRM",
              "url": "http://advisories.mageia.org/MGASA-2014-0143.html"
            },
            {
              "name": "APPLE-SA-2015-09-30-3",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
            },
            {
              "name": "HPSBUX03188",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141576985122836\u0026w=2"
            },
            {
              "name": "SSRT101487",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141576985122836\u0026w=2"
            },
            {
              "name": "57488",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/57488"
            },
            {
              "name": "MDVSA-2015:095",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:095"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
            },
            {
              "name": "59313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59313"
            },
            {
              "name": "https://support.apple.com/HT205267",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT205267"
            },
            {
              "name": "FEDORA-2014-6380",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133537.html"
            },
            {
              "name": "DSA-2894",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-2894"
            },
            {
              "name": "RHSA-2014:1552",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1552.html"
            },
            {
              "name": "http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc",
              "refsource": "CONFIRM",
              "url": "http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc"
            },
            {
              "name": "1029925",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1029925"
            },
            {
              "name": "[security-announce] 20140315 Announce: OpenSSH 6.6 released",
              "refsource": "MLIST",
              "url": "http://marc.info/?l=openbsd-security-announce\u0026m=139492048027313\u0026w=2"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
            },
            {
              "name": "USN-2155-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2155-1"
            },
            {
              "name": "FEDORA-2014-6569",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134026.html"
            },
            {
              "name": "openssh-cve20142532-sec-bypass(91986)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91986"
            },
            {
              "name": "MDVSA-2014:068",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:068"
            },
            {
              "name": "66355",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/66355"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-2532",
    "datePublished": "2014-03-18T01:00:00",
    "dateReserved": "2014-03-17T00:00:00",
    "dateUpdated": "2024-08-06T10:14:26.611Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-2834 (GCVE-0-2011-2834)

Vulnerability from cvelistv5

Published

2011-09-17 10:00

Modified

2024-08-06 23:15

Severity ?

CWE

n/a

Summary

Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

References

URL

Tags

	http://www.mandriva.com/security/advisories?name=MDVSA-2011:145	vendor-advisory, x_refsource_MANDRIVA
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041	vendor-advisory, x_refsource_HP
	http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://osvdb.org/75560	vdb-entry, x_refsource_OSVDB
	http://support.apple.com/kb/HT5503	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-0217.html	vendor-advisory, x_refsource_REDHAT
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14410	vdb-entry, signature, x_refsource_OVAL
	http://www.redhat.com/support/errata/RHSA-2011-1749.html	vendor-advisory, x_refsource_REDHAT
	http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html	x_refsource_CONFIRM
	http://code.google.com/p/chromium/issues/detail?id=93472	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/69885	vdb-entry, x_refsource_XF
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041	vendor-advisory, x_refsource_HP
	http://support.apple.com/kb/HT5281	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2012/May/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://www.debian.org/security/2012/dsa-2394	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:15:31.160Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2011:145",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:145"
          },
          {
            "name": "HPSBMU02786",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
          },
          {
            "name": "APPLE-SA-2012-09-19-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
          },
          {
            "name": "75560",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/75560"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5503"
          },
          {
            "name": "RHSA-2013:0217",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
          },
          {
            "name": "oval:org.mitre.oval:def:14410",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14410"
          },
          {
            "name": "RHSA-2011:1749",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=93472"
          },
          {
            "name": "chrome-libxml-code-execution(69885)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69885"
          },
          {
            "name": "SSRT100877",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5281"
          },
          {
            "name": "APPLE-SA-2012-05-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
          },
          {
            "name": "DSA-2394",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2394"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-09-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "name": "MDVSA-2011:145",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:145"
        },
        {
          "name": "HPSBMU02786",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
        },
        {
          "name": "APPLE-SA-2012-09-19-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
        },
        {
          "name": "75560",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/75560"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5503"
        },
        {
          "name": "RHSA-2013:0217",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
        },
        {
          "name": "oval:org.mitre.oval:def:14410",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14410"
        },
        {
          "name": "RHSA-2011:1749",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=93472"
        },
        {
          "name": "chrome-libxml-code-execution(69885)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69885"
        },
        {
          "name": "SSRT100877",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5281"
        },
        {
          "name": "APPLE-SA-2012-05-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
        },
        {
          "name": "DSA-2394",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2394"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2011-2834",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2011:145",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:145"
            },
            {
              "name": "HPSBMU02786",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "APPLE-SA-2012-09-19-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
            },
            {
              "name": "75560",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/75560"
            },
            {
              "name": "http://support.apple.com/kb/HT5503",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5503"
            },
            {
              "name": "RHSA-2013:0217",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
            },
            {
              "name": "oval:org.mitre.oval:def:14410",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14410"
            },
            {
              "name": "RHSA-2011:1749",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=93472",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=93472"
            },
            {
              "name": "chrome-libxml-code-execution(69885)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69885"
            },
            {
              "name": "SSRT100877",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "http://support.apple.com/kb/HT5281",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5281"
            },
            {
              "name": "APPLE-SA-2012-05-09-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
            },
            {
              "name": "DSA-2394",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2394"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2011-2834",
    "datePublished": "2011-09-17T10:00:00",
    "dateReserved": "2011-07-20T00:00:00",
    "dateUpdated": "2024-08-06T23:15:31.160Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-4885 (GCVE-0-2011-4885)

Vulnerability from cvelistv5

Published

2011-12-30 01:00

Modified

2024-08-07 00:16

Severity ?

CWE

n/a

Summary

PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.

References

URL

Tags

	https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py	x_refsource_MISC
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041	vendor-advisory, x_refsource_HP
	http://www.securitytracker.com/id?1026473	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/47404	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=133469208622507&w=2	vendor-advisory, x_refsource_HP
	http://www.nruns.com/_downloads/advisory28122011.pdf	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilities/72021	vdb-entry, x_refsource_XF
	http://www.exploit-db.com/exploits/18296	exploit, x_refsource_EXPLOIT-DB
	http://www.debian.org/security/2012/dsa-2399	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:197	vendor-advisory, x_refsource_MANDRIVA
	http://www.exploit-db.com/exploits/18305	exploit, x_refsource_EXPLOIT-DB
	http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=133469208622507&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/48668	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2012-0019.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/51193	vdb-entry, x_refsource_BID
	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/903934	third-party-advisory, x_refsource_CERT-VN
	http://svn.php.net/viewvc?view=revision&revision=321003	x_refsource_CONFIRM
	http://svn.php.net/viewvc?view=revision&revision=321040	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2012-0071.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=132871655717248&w=2	vendor-advisory, x_refsource_HP
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041	vendor-advisory, x_refsource_HP
	http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html	mailing-list, x_refsource_BUGTRAQ
	http://support.apple.com/kb/HT5281	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=132871655717248&w=2	vendor-advisory, x_refsource_HP
	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	vendor-advisory, x_refsource_MANDRIVA
	http://lists.apple.com/archives/security-announce/2012/May/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://www.ocert.org/advisories/ocert-2011-003.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:16:35.185Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py"
          },
          {
            "name": "HPSBMU02786",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
          },
          {
            "name": "1026473",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026473"
          },
          {
            "name": "47404",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/47404"
          },
          {
            "name": "HPSBOV02763",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.nruns.com/_downloads/advisory28122011.pdf"
          },
          {
            "name": "php-hash-dos(72021)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72021"
          },
          {
            "name": "18296",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/18296"
          },
          {
            "name": "DSA-2399",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2399"
          },
          {
            "name": "SUSE-SU-2012:0411",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
          },
          {
            "name": "MDVSA-2011:197",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:197"
          },
          {
            "name": "18305",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/18305"
          },
          {
            "name": "openSUSE-SU-2012:0426",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
          },
          {
            "name": "SSRT100826",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
          },
          {
            "name": "48668",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48668"
          },
          {
            "name": "RHSA-2012:0019",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2012-0019.html"
          },
          {
            "name": "51193",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/51193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
          },
          {
            "name": "VU#903934",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/903934"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.php.net/viewvc?view=revision\u0026revision=321003"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.php.net/viewvc?view=revision\u0026revision=321040"
          },
          {
            "name": "RHSA-2012:0071",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0071.html"
          },
          {
            "name": "SSRT100728",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=132871655717248\u0026w=2"
          },
          {
            "name": "SSRT100877",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
          },
          {
            "name": "20111228 n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5281"
          },
          {
            "name": "HPSBUX02741",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=132871655717248\u0026w=2"
          },
          {
            "name": "MDVSA-2013:150",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
          },
          {
            "name": "APPLE-SA-2012-05-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ocert.org/advisories/ocert-2011-003.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-12-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-08T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py"
        },
        {
          "name": "HPSBMU02786",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
        },
        {
          "name": "1026473",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026473"
        },
        {
          "name": "47404",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/47404"
        },
        {
          "name": "HPSBOV02763",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.nruns.com/_downloads/advisory28122011.pdf"
        },
        {
          "name": "php-hash-dos(72021)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72021"
        },
        {
          "name": "18296",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/18296"
        },
        {
          "name": "DSA-2399",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2399"
        },
        {
          "name": "SUSE-SU-2012:0411",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
        },
        {
          "name": "MDVSA-2011:197",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:197"
        },
        {
          "name": "18305",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/18305"
        },
        {
          "name": "openSUSE-SU-2012:0426",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
        },
        {
          "name": "SSRT100826",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
        },
        {
          "name": "48668",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48668"
        },
        {
          "name": "RHSA-2012:0019",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2012-0019.html"
        },
        {
          "name": "51193",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/51193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
        },
        {
          "name": "VU#903934",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/903934"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.php.net/viewvc?view=revision\u0026revision=321003"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.php.net/viewvc?view=revision\u0026revision=321040"
        },
        {
          "name": "RHSA-2012:0071",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0071.html"
        },
        {
          "name": "SSRT100728",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=132871655717248\u0026w=2"
        },
        {
          "name": "SSRT100877",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
        },
        {
          "name": "20111228 n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5281"
        },
        {
          "name": "HPSBUX02741",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=132871655717248\u0026w=2"
        },
        {
          "name": "MDVSA-2013:150",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
        },
        {
          "name": "APPLE-SA-2012-05-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ocert.org/advisories/ocert-2011-003.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-4885",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py",
              "refsource": "MISC",
              "url": "https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py"
            },
            {
              "name": "HPSBMU02786",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "1026473",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026473"
            },
            {
              "name": "47404",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/47404"
            },
            {
              "name": "HPSBOV02763",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
            },
            {
              "name": "http://www.nruns.com/_downloads/advisory28122011.pdf",
              "refsource": "MISC",
              "url": "http://www.nruns.com/_downloads/advisory28122011.pdf"
            },
            {
              "name": "php-hash-dos(72021)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72021"
            },
            {
              "name": "18296",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/18296"
            },
            {
              "name": "DSA-2399",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2399"
            },
            {
              "name": "SUSE-SU-2012:0411",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
            },
            {
              "name": "MDVSA-2011:197",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:197"
            },
            {
              "name": "18305",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/18305"
            },
            {
              "name": "openSUSE-SU-2012:0426",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
            },
            {
              "name": "SSRT100826",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
            },
            {
              "name": "48668",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48668"
            },
            {
              "name": "RHSA-2012:0019",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2012-0019.html"
            },
            {
              "name": "51193",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/51193"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
            },
            {
              "name": "VU#903934",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/903934"
            },
            {
              "name": "http://svn.php.net/viewvc?view=revision\u0026revision=321003",
              "refsource": "CONFIRM",
              "url": "http://svn.php.net/viewvc?view=revision\u0026revision=321003"
            },
            {
              "name": "http://svn.php.net/viewvc?view=revision\u0026revision=321040",
              "refsource": "CONFIRM",
              "url": "http://svn.php.net/viewvc?view=revision\u0026revision=321040"
            },
            {
              "name": "RHSA-2012:0071",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0071.html"
            },
            {
              "name": "SSRT100728",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=132871655717248\u0026w=2"
            },
            {
              "name": "SSRT100877",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "20111228 n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5281",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5281"
            },
            {
              "name": "HPSBUX02741",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=132871655717248\u0026w=2"
            },
            {
              "name": "MDVSA-2013:150",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            },
            {
              "name": "APPLE-SA-2012-05-09-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
            },
            {
              "name": "http://www.ocert.org/advisories/ocert-2011-003.html",
              "refsource": "MISC",
              "url": "http://www.ocert.org/advisories/ocert-2011-003.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-4885",
    "datePublished": "2011-12-30T01:00:00",
    "dateReserved": "2011-12-21T00:00:00",
    "dateUpdated": "2024-08-07T00:16:35.185Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-0789 (GCVE-0-2012-0789)

Vulnerability from cvelistv5

Published

2012-02-14 15:00

Modified

2024-08-06 18:38

Severity ?

CWE

n/a

Summary

Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache.

References

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/48668	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=783609	x_refsource_CONFIRM
	http://www.php.net/ChangeLog-5.php#5.3.9	x_refsource_CONFIRM
	https://bugs.php.net/bug.php?id=53502	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:38:14.381Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2012:0411",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
          },
          {
            "name": "openSUSE-SU-2012:0426",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
          },
          {
            "name": "48668",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48668"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=783609"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-5.php#5.3.9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=53502"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-08T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SU-2012:0411",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
        },
        {
          "name": "openSUSE-SU-2012:0426",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
        },
        {
          "name": "48668",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48668"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=783609"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-5.php#5.3.9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.php.net/bug.php?id=53502"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-0789",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2012:0411",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
            },
            {
              "name": "openSUSE-SU-2012:0426",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
            },
            {
              "name": "48668",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48668"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=783609",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=783609"
            },
            {
              "name": "http://www.php.net/ChangeLog-5.php#5.3.9",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/ChangeLog-5.php#5.3.9"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=53502",
              "refsource": "CONFIRM",
              "url": "https://bugs.php.net/bug.php?id=53502"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-0789",
    "datePublished": "2012-02-14T15:00:00",
    "dateReserved": "2012-01-19T00:00:00",
    "dateUpdated": "2024-08-06T18:38:14.381Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-4830 (GCVE-0-2014-4830)

Vulnerability from cvelistv5

Published

2014-10-19 01:00

Modified

2024-08-06 11:27

Severity ?

CWE

n/a

Summary

IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilities/95580	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/71077	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg21686478	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:27:36.879Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-qvm-cve20144830-info-disc(95580)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95580"
          },
          {
            "name": "71077",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/71077"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-qvm-cve20144830-info-disc(95580)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95580"
        },
        {
          "name": "71077",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/71077"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-4830",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-qvm-cve20144830-info-disc(95580)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95580"
            },
            {
              "name": "71077",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/71077"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-4830",
    "datePublished": "2014-10-19T01:00:00",
    "dateReserved": "2014-07-09T00:00:00",
    "dateUpdated": "2024-08-06T11:27:36.879Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-0411 (GCVE-0-2014-0411)

Vulnerability from cvelistv5

Published

2014-01-15 02:50

Modified

2024-08-06 09:13

Severity ?

CWE

n/a

Summary

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.

References

URL

Tags

	http://www-01.ibm.com/support/docview.wss?uid=swg21676373	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21669519	x_refsource_CONFIRM
	http://secunia.com/advisories/56432	third-party-advisory, x_refsource_SECUNIA
	https://access.redhat.com/errata/RHSA-2014:0414	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/59705	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59324	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2014-0136.html	vendor-advisory, x_refsource_REDHAT
	http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=139402749111889&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-0135.html	vendor-advisory, x_refsource_REDHAT
	https://exchange.xforce.ibmcloud.com/vulnerabilities/90357	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21682904	x_refsource_CONFIRM
	http://secunia.com/advisories/59251	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/56535	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2089-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/59194	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60498	third-party-advisory, x_refsource_SECUNIA
	https://www.ibm.com/support/docview.wss?uid=swg21677913	x_refsource_CONFIRM
	http://secunia.com/advisories/60833	third-party-advisory, x_refsource_SECUNIA
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-0030.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2014-0097.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656	x_refsource_CONFIRM
	http://secunia.com/advisories/60005	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60835	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/56485	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/57809	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/64918	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/59071	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=139402697611681&w=2	vendor-advisory, x_refsource_HP
	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21675938	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21680387	x_refsource_CONFIRM
	https://www.ibm.com/support/docview.wss?uid=swg21675223	x_refsource_CONFIRM
	http://secunia.com/advisories/59339	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21682671	x_refsource_CONFIRM
	http://secunia.com/advisories/59872	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59283	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=139402697611681&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-0027.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21682669	x_refsource_CONFIRM
	http://www.ibm.com/support/docview.wss?uid=swg21672078	x_refsource_CONFIRM
	http://secunia.com/advisories/56486	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=139402749111889&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59254	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id/1029608	vdb-entry, x_refsource_SECTRACK
	http://www.ibm.com/support/docview.wss?uid=ssg1S1004745	x_refsource_CONFIRM
	http://secunia.com/advisories/59665	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2124-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/56487	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=swg21677388	x_refsource_CONFIRM
	http://secunia.com/advisories/59037	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59082	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21680234	x_refsource_CONFIRM
	http://osvdb.org/102028	vdb-entry, x_refsource_OSVDB
	http://www-01.ibm.com/support/docview.wss?uid=swg21676978	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-0026.html	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=1053010	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/64758	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/59704	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21682668	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html	x_refsource_CONFIRM
	http://secunia.com/advisories/60836	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2014-0134.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21676190	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21682670	x_refsource_CONFIRM
	http://secunia.com/advisories/59235	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:13:10.517Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21669519"
          },
          {
            "name": "56432",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56432"
          },
          {
            "name": "RHSA-2014:0414",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2014:0414"
          },
          {
            "name": "59705",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59705"
          },
          {
            "name": "59324",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59324"
          },
          {
            "name": "RHSA-2014:0136",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc"
          },
          {
            "name": "openSUSE-SU-2014:0174",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
          },
          {
            "name": "SSRT101455",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
          },
          {
            "name": "RHSA-2014:0135",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
          },
          {
            "name": "oracle-cpujan2014-cve20140411(90357)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90357"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682904"
          },
          {
            "name": "59251",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59251"
          },
          {
            "name": "56535",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56535"
          },
          {
            "name": "USN-2089-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2089-1"
          },
          {
            "name": "59194",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59194"
          },
          {
            "name": "60498",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60498"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/docview.wss?uid=swg21677913"
          },
          {
            "name": "60833",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60833"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
          },
          {
            "name": "RHSA-2014:0030",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
          },
          {
            "name": "RHSA-2014:0097",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656"
          },
          {
            "name": "60005",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60005"
          },
          {
            "name": "60835",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60835"
          },
          {
            "name": "56485",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56485"
          },
          {
            "name": "57809",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/57809"
          },
          {
            "name": "64918",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/64918"
          },
          {
            "name": "59071",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59071"
          },
          {
            "name": "SSRT101454",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675938"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/docview.wss?uid=swg21675223"
          },
          {
            "name": "59339",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59339"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682671"
          },
          {
            "name": "59872",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59872"
          },
          {
            "name": "59283",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59283"
          },
          {
            "name": "HPSBUX02972",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
          },
          {
            "name": "RHSA-2014:0027",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682669"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21672078"
          },
          {
            "name": "56486",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56486"
          },
          {
            "name": "SUSE-SU-2014:0451",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
          },
          {
            "name": "HPSBUX02973",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
          },
          {
            "name": "59254",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59254"
          },
          {
            "name": "1029608",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1029608"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004745"
          },
          {
            "name": "59665",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59665"
          },
          {
            "name": "USN-2124-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2124-1"
          },
          {
            "name": "56487",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56487"
          },
          {
            "name": "SUSE-SU-2014:0266",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
          },
          {
            "name": "59037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59037"
          },
          {
            "name": "59082",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59082"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680234"
          },
          {
            "name": "102028",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/102028"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676978"
          },
          {
            "name": "RHSA-2014:0026",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010"
          },
          {
            "name": "64758",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/64758"
          },
          {
            "name": "59704",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59704"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682668"
          },
          {
            "name": "SUSE-SU-2014:0246",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
          },
          {
            "name": "60836",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60836"
          },
          {
            "name": "RHSA-2014:0134",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682670"
          },
          {
            "name": "59235",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59235"
          },
          {
            "name": "openSUSE-SU-2014:0180",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
          },
          {
            "name": "openSUSE-SU-2014:0177",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.  NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21669519"
        },
        {
          "name": "56432",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56432"
        },
        {
          "name": "RHSA-2014:0414",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2014:0414"
        },
        {
          "name": "59705",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59705"
        },
        {
          "name": "59324",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59324"
        },
        {
          "name": "RHSA-2014:0136",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc"
        },
        {
          "name": "openSUSE-SU-2014:0174",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
        },
        {
          "name": "SSRT101455",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
        },
        {
          "name": "RHSA-2014:0135",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
        },
        {
          "name": "oracle-cpujan2014-cve20140411(90357)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90357"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682904"
        },
        {
          "name": "59251",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59251"
        },
        {
          "name": "56535",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56535"
        },
        {
          "name": "USN-2089-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2089-1"
        },
        {
          "name": "59194",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59194"
        },
        {
          "name": "60498",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60498"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.ibm.com/support/docview.wss?uid=swg21677913"
        },
        {
          "name": "60833",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60833"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
        },
        {
          "name": "RHSA-2014:0030",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
        },
        {
          "name": "RHSA-2014:0097",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656"
        },
        {
          "name": "60005",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60005"
        },
        {
          "name": "60835",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60835"
        },
        {
          "name": "56485",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56485"
        },
        {
          "name": "57809",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/57809"
        },
        {
          "name": "64918",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/64918"
        },
        {
          "name": "59071",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59071"
        },
        {
          "name": "SSRT101454",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675938"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.ibm.com/support/docview.wss?uid=swg21675223"
        },
        {
          "name": "59339",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59339"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682671"
        },
        {
          "name": "59872",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59872"
        },
        {
          "name": "59283",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59283"
        },
        {
          "name": "HPSBUX02972",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
        },
        {
          "name": "RHSA-2014:0027",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682669"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21672078"
        },
        {
          "name": "56486",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56486"
        },
        {
          "name": "SUSE-SU-2014:0451",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
        },
        {
          "name": "HPSBUX02973",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
        },
        {
          "name": "59254",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59254"
        },
        {
          "name": "1029608",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1029608"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004745"
        },
        {
          "name": "59665",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59665"
        },
        {
          "name": "USN-2124-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2124-1"
        },
        {
          "name": "56487",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56487"
        },
        {
          "name": "SUSE-SU-2014:0266",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
        },
        {
          "name": "59037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59037"
        },
        {
          "name": "59082",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59082"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680234"
        },
        {
          "name": "102028",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/102028"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676978"
        },
        {
          "name": "RHSA-2014:0026",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010"
        },
        {
          "name": "64758",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/64758"
        },
        {
          "name": "59704",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59704"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682668"
        },
        {
          "name": "SUSE-SU-2014:0246",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
        },
        {
          "name": "60836",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60836"
        },
        {
          "name": "RHSA-2014:0134",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682670"
        },
        {
          "name": "59235",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59235"
        },
        {
          "name": "openSUSE-SU-2014:0180",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
        },
        {
          "name": "openSUSE-SU-2014:0177",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2014-0411",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.  NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21669519",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21669519"
            },
            {
              "name": "56432",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56432"
            },
            {
              "name": "RHSA-2014:0414",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2014:0414"
            },
            {
              "name": "59705",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59705"
            },
            {
              "name": "59324",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59324"
            },
            {
              "name": "RHSA-2014:0136",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
            },
            {
              "name": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc",
              "refsource": "CONFIRM",
              "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc"
            },
            {
              "name": "openSUSE-SU-2014:0174",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
            },
            {
              "name": "SSRT101455",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
            },
            {
              "name": "RHSA-2014:0135",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
            },
            {
              "name": "oracle-cpujan2014-cve20140411(90357)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90357"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682904",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682904"
            },
            {
              "name": "59251",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59251"
            },
            {
              "name": "56535",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56535"
            },
            {
              "name": "USN-2089-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2089-1"
            },
            {
              "name": "59194",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59194"
            },
            {
              "name": "60498",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60498"
            },
            {
              "name": "https://www.ibm.com/support/docview.wss?uid=swg21677913",
              "refsource": "CONFIRM",
              "url": "https://www.ibm.com/support/docview.wss?uid=swg21677913"
            },
            {
              "name": "60833",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60833"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
            },
            {
              "name": "RHSA-2014:0030",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
            },
            {
              "name": "RHSA-2014:0097",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656"
            },
            {
              "name": "60005",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60005"
            },
            {
              "name": "60835",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60835"
            },
            {
              "name": "56485",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56485"
            },
            {
              "name": "57809",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/57809"
            },
            {
              "name": "64918",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/64918"
            },
            {
              "name": "59071",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59071"
            },
            {
              "name": "SSRT101454",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21675938",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675938"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
            },
            {
              "name": "https://www.ibm.com/support/docview.wss?uid=swg21675223",
              "refsource": "CONFIRM",
              "url": "https://www.ibm.com/support/docview.wss?uid=swg21675223"
            },
            {
              "name": "59339",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59339"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682671",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682671"
            },
            {
              "name": "59872",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59872"
            },
            {
              "name": "59283",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59283"
            },
            {
              "name": "HPSBUX02972",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
            },
            {
              "name": "RHSA-2014:0027",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682669",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682669"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21672078",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21672078"
            },
            {
              "name": "56486",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56486"
            },
            {
              "name": "SUSE-SU-2014:0451",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
            },
            {
              "name": "HPSBUX02973",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
            },
            {
              "name": "59254",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59254"
            },
            {
              "name": "1029608",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1029608"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004745",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004745"
            },
            {
              "name": "59665",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59665"
            },
            {
              "name": "USN-2124-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2124-1"
            },
            {
              "name": "56487",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56487"
            },
            {
              "name": "SUSE-SU-2014:0266",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
            },
            {
              "name": "59037",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59037"
            },
            {
              "name": "59082",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59082"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680234",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680234"
            },
            {
              "name": "102028",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/102028"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676978",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676978"
            },
            {
              "name": "RHSA-2014:0026",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010"
            },
            {
              "name": "64758",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/64758"
            },
            {
              "name": "59704",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59704"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682668",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682668"
            },
            {
              "name": "SUSE-SU-2014:0246",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
            },
            {
              "name": "60836",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60836"
            },
            {
              "name": "RHSA-2014:0134",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682670",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682670"
            },
            {
              "name": "59235",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59235"
            },
            {
              "name": "openSUSE-SU-2014:0180",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
            },
            {
              "name": "openSUSE-SU-2014:0177",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2014-0411",
    "datePublished": "2014-01-15T02:50:00",
    "dateReserved": "2013-12-12T00:00:00",
    "dateUpdated": "2024-08-06T09:13:10.517Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-1775 (GCVE-0-2013-1775)

Vulnerability from cvelistv5

Published

2013-03-04 21:00

Modified

2024-08-06 15:13

Severity ?

CWE

n/a

Summary

sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.

References

URL

Tags

	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/58203	vdb-entry, x_refsource_BID
	http://www.sudo.ws/repos/sudo/rev/ddf399e3e306	x_refsource_CONFIRM
	http://www.sudo.ws/sudo/alerts/epoch_ticket.html	x_refsource_CONFIRM
	http://osvdb.org/90677	vdb-entry, x_refsource_OSVDB
	http://rhn.redhat.com/errata/RHSA-2013-1701.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2013/dsa-2642	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-1754-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440	vendor-advisory, x_refsource_SLACKWARE
	http://www.openwall.com/lists/oss-security/2013/02/27/22	mailing-list, x_refsource_MLIST
	http://rhn.redhat.com/errata/RHSA-2013-1353.html	vendor-advisory, x_refsource_REDHAT
	https://support.apple.com/kb/HT205031	x_refsource_CONFIRM
	http://www.sudo.ws/repos/sudo/rev/ebd6cc75020f	x_refsource_CONFIRM
	http://support.apple.com/kb/HT5880	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:13:32.822Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
          },
          {
            "name": "58203",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/58203"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/repos/sudo/rev/ddf399e3e306"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html"
          },
          {
            "name": "90677",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/90677"
          },
          {
            "name": "RHSA-2013:1701",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1701.html"
          },
          {
            "name": "DSA-2642",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2642"
          },
          {
            "name": "openSUSE-SU-2013:0495",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html"
          },
          {
            "name": "USN-1754-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1754-1"
          },
          {
            "name": "APPLE-SA-2015-08-13-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
          },
          {
            "name": "APPLE-SA-2013-09-12-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
          },
          {
            "name": "SSA:2013-065-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440"
          },
          {
            "name": "[oss-security] 20130227 CVE request: sudo authentication bypass when clock is reset",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2013/02/27/22"
          },
          {
            "name": "RHSA-2013:1353",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1353.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT205031"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/repos/sudo/rev/ebd6cc75020f"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5880"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
        },
        {
          "name": "58203",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/58203"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/repos/sudo/rev/ddf399e3e306"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html"
        },
        {
          "name": "90677",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/90677"
        },
        {
          "name": "RHSA-2013:1701",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1701.html"
        },
        {
          "name": "DSA-2642",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2642"
        },
        {
          "name": "openSUSE-SU-2013:0495",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html"
        },
        {
          "name": "USN-1754-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1754-1"
        },
        {
          "name": "APPLE-SA-2015-08-13-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
        },
        {
          "name": "APPLE-SA-2013-09-12-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
        },
        {
          "name": "SSA:2013-065-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440"
        },
        {
          "name": "[oss-security] 20130227 CVE request: sudo authentication bypass when clock is reset",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2013/02/27/22"
        },
        {
          "name": "RHSA-2013:1353",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1353.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT205031"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/repos/sudo/rev/ebd6cc75020f"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5880"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-1775",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
            },
            {
              "name": "58203",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/58203"
            },
            {
              "name": "http://www.sudo.ws/repos/sudo/rev/ddf399e3e306",
              "refsource": "CONFIRM",
              "url": "http://www.sudo.ws/repos/sudo/rev/ddf399e3e306"
            },
            {
              "name": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html",
              "refsource": "CONFIRM",
              "url": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html"
            },
            {
              "name": "90677",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/90677"
            },
            {
              "name": "RHSA-2013:1701",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1701.html"
            },
            {
              "name": "DSA-2642",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2642"
            },
            {
              "name": "openSUSE-SU-2013:0495",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html"
            },
            {
              "name": "USN-1754-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1754-1"
            },
            {
              "name": "APPLE-SA-2015-08-13-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
            },
            {
              "name": "APPLE-SA-2013-09-12-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
            },
            {
              "name": "SSA:2013-065-01",
              "refsource": "SLACKWARE",
              "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440"
            },
            {
              "name": "[oss-security] 20130227 CVE request: sudo authentication bypass when clock is reset",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2013/02/27/22"
            },
            {
              "name": "RHSA-2013:1353",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1353.html"
            },
            {
              "name": "https://support.apple.com/kb/HT205031",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT205031"
            },
            {
              "name": "http://www.sudo.ws/repos/sudo/rev/ebd6cc75020f",
              "refsource": "CONFIRM",
              "url": "http://www.sudo.ws/repos/sudo/rev/ebd6cc75020f"
            },
            {
              "name": "http://support.apple.com/kb/HT5880",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5880"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-1775",
    "datePublished": "2013-03-04T21:00:00",
    "dateReserved": "2013-02-19T00:00:00",
    "dateUpdated": "2024-08-06T15:13:32.822Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-1172 (GCVE-0-2012-1172)

Vulnerability from cvelistv5

Published

2012-05-24 00:00

Modified

2024-08-06 18:53

Severity ?

CWE

n/a

Summary

The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote attackers to cause a denial of service (malformed $_FILES indexes) or conduct directory traversal attacks during multi-file uploads by leveraging a script that lacks its own filename restrictions.

References

URL

Tags

	http://marc.info/?l=bugtraq&m=134012830914727&w=2	vendor-advisory, x_refsource_HP
	http://svn.php.net/viewvc/php/php-src/branches/PHP_5_4/main/rfc1867.c?r1=321664&r2=321663&pathrev=321664	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080070.html	vendor-advisory, x_refsource_FEDORA
	https://bugs.php.net/bug.php?id=54374	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html	vendor-advisory, x_refsource_SUSE
	https://bugs.php.net/bug.php?id=49683	x_refsource_MISC
	https://nealpoole.com/blog/2011/10/directory-traversal-via-php-multi-file-uploads/	x_refsource_MISC
	http://svn.php.net/viewvc?view=revision&revision=321664	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2012/03/13/4	mailing-list, x_refsource_MLIST
	https://bugs.php.net/bug.php?id=48597	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://isisblogs.poly.edu/2011/08/11/php-not-properly-checking-params/	x_refsource_MISC
	http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html	vendor-advisory, x_refsource_APPLE
	http://support.apple.com/kb/HT5501	x_refsource_CONFIRM
	https://students.mimuw.edu.pl/~ai292615/php_multipleupload_overwrite.pdf	x_refsource_MISC
	http://www.php.net/ChangeLog-5.php#5.4.0	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html	vendor-advisory, x_refsource_FEDORA
	http://marc.info/?l=bugtraq&m=134012830914727&w=2	vendor-advisory, x_refsource_HP
	http://www.debian.org/security/2012/dsa-2465	vendor-advisory, x_refsource_DEBIAN
	http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html	vendor-advisory, x_refsource_FEDORA
	https://bugs.php.net/bug.php?id=55500	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:53:35.660Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SSRT100856",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_4/main/rfc1867.c?r1=321664\u0026r2=321663\u0026pathrev=321664"
          },
          {
            "name": "FEDORA-2012-6869",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080070.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=54374"
          },
          {
            "name": "SUSE-SU-2012:0604",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=49683"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://nealpoole.com/blog/2011/10/directory-traversal-via-php-multi-file-uploads/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.php.net/viewvc?view=revision\u0026revision=321664"
          },
          {
            "name": "[oss-security] 20120313 Re: CVE request for PHP 5.3.x Corrupted $_FILES indices lead to security concern",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/03/13/4"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=48597"
          },
          {
            "name": "SUSE-SU-2012:0598",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://isisblogs.poly.edu/2011/08/11/php-not-properly-checking-params/"
          },
          {
            "name": "APPLE-SA-2012-09-19-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5501"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://students.mimuw.edu.pl/~ai292615/php_multipleupload_overwrite.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-5.php#5.4.0"
          },
          {
            "name": "FEDORA-2012-6907",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html"
          },
          {
            "name": "HPSBUX02791",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
          },
          {
            "name": "DSA-2465",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2465"
          },
          {
            "name": "FEDORA-2012-6911",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=55500"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-06-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote attackers to cause a denial of service (malformed $_FILES indexes) or conduct directory traversal attacks during multi-file uploads by leveraging a script that lacks its own filename restrictions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-17T19:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SSRT100856",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_4/main/rfc1867.c?r1=321664\u0026r2=321663\u0026pathrev=321664"
        },
        {
          "name": "FEDORA-2012-6869",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080070.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.php.net/bug.php?id=54374"
        },
        {
          "name": "SUSE-SU-2012:0604",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.php.net/bug.php?id=49683"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://nealpoole.com/blog/2011/10/directory-traversal-via-php-multi-file-uploads/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.php.net/viewvc?view=revision\u0026revision=321664"
        },
        {
          "name": "[oss-security] 20120313 Re: CVE request for PHP 5.3.x Corrupted $_FILES indices lead to security concern",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/03/13/4"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.php.net/bug.php?id=48597"
        },
        {
          "name": "SUSE-SU-2012:0598",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://isisblogs.poly.edu/2011/08/11/php-not-properly-checking-params/"
        },
        {
          "name": "APPLE-SA-2012-09-19-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5501"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://students.mimuw.edu.pl/~ai292615/php_multipleupload_overwrite.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-5.php#5.4.0"
        },
        {
          "name": "FEDORA-2012-6907",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html"
        },
        {
          "name": "HPSBUX02791",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
        },
        {
          "name": "DSA-2465",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2465"
        },
        {
          "name": "FEDORA-2012-6911",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.php.net/bug.php?id=55500"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-1172",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote attackers to cause a denial of service (malformed $_FILES indexes) or conduct directory traversal attacks during multi-file uploads by leveraging a script that lacks its own filename restrictions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SSRT100856",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
            },
            {
              "name": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_4/main/rfc1867.c?r1=321664\u0026r2=321663\u0026pathrev=321664",
              "refsource": "CONFIRM",
              "url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_4/main/rfc1867.c?r1=321664\u0026r2=321663\u0026pathrev=321664"
            },
            {
              "name": "FEDORA-2012-6869",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080070.html"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=54374",
              "refsource": "CONFIRM",
              "url": "https://bugs.php.net/bug.php?id=54374"
            },
            {
              "name": "SUSE-SU-2012:0604",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=49683",
              "refsource": "MISC",
              "url": "https://bugs.php.net/bug.php?id=49683"
            },
            {
              "name": "https://nealpoole.com/blog/2011/10/directory-traversal-via-php-multi-file-uploads/",
              "refsource": "MISC",
              "url": "https://nealpoole.com/blog/2011/10/directory-traversal-via-php-multi-file-uploads/"
            },
            {
              "name": "http://svn.php.net/viewvc?view=revision\u0026revision=321664",
              "refsource": "CONFIRM",
              "url": "http://svn.php.net/viewvc?view=revision\u0026revision=321664"
            },
            {
              "name": "[oss-security] 20120313 Re: CVE request for PHP 5.3.x Corrupted $_FILES indices lead to security concern",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/03/13/4"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=48597",
              "refsource": "MISC",
              "url": "https://bugs.php.net/bug.php?id=48597"
            },
            {
              "name": "SUSE-SU-2012:0598",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"
            },
            {
              "name": "http://isisblogs.poly.edu/2011/08/11/php-not-properly-checking-params/",
              "refsource": "MISC",
              "url": "http://isisblogs.poly.edu/2011/08/11/php-not-properly-checking-params/"
            },
            {
              "name": "APPLE-SA-2012-09-19-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5501",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5501"
            },
            {
              "name": "https://students.mimuw.edu.pl/~ai292615/php_multipleupload_overwrite.pdf",
              "refsource": "MISC",
              "url": "https://students.mimuw.edu.pl/~ai292615/php_multipleupload_overwrite.pdf"
            },
            {
              "name": "http://www.php.net/ChangeLog-5.php#5.4.0",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/ChangeLog-5.php#5.4.0"
            },
            {
              "name": "FEDORA-2012-6907",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html"
            },
            {
              "name": "HPSBUX02791",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134012830914727\u0026w=2"
            },
            {
              "name": "DSA-2465",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2465"
            },
            {
              "name": "FEDORA-2012-6911",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=55500",
              "refsource": "CONFIRM",
              "url": "https://bugs.php.net/bug.php?id=55500"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-1172",
    "datePublished": "2012-05-24T00:00:00",
    "dateReserved": "2012-02-14T00:00:00",
    "dateUpdated": "2024-08-06T18:53:35.660Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2014-AVI-480

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature

Action not permitted

CERTFR-2014-AVI-480

Vulnerability from certfr_avis

Solution

CVE-2010-4008 (GCVE-0-2010-4008)

Vulnerability from cvelistv5

CVE-2011-4609 (GCVE-0-2011-4609)

Vulnerability from cvelistv5

CVE-2011-0421 (GCVE-0-2011-0421)

Vulnerability from cvelistv5

CVE-2014-0095 (GCVE-0-2014-0095)

Vulnerability from cvelistv5

CVE-2011-3368 (GCVE-0-2011-3368)

Vulnerability from cvelistv5

CVE-2010-2956 (GCVE-0-2010-2956)

Vulnerability from cvelistv5

CVE-2011-1944 (GCVE-0-2011-1944)

Vulnerability from cvelistv5

CVE-2013-5908 (GCVE-0-2013-5908)

Vulnerability from cvelistv5

CVE-2014-0099 (GCVE-0-2014-0099)

Vulnerability from cvelistv5

CVE-2014-4827 (GCVE-0-2014-4827)

Vulnerability from cvelistv5

CVE-2012-3510 (GCVE-0-2012-3510)

Vulnerability from cvelistv5

CVE-2010-1163 (GCVE-0-2010-1163)

Vulnerability from cvelistv5

CVE-2014-0453 (GCVE-0-2014-0453)

Vulnerability from cvelistv5

CVE-2011-1089 (GCVE-0-2011-1089)

Vulnerability from cvelistv5

CVE-2010-1646 (GCVE-0-2010-1646)

Vulnerability from cvelistv5

CVE-2011-5000 (GCVE-0-2011-5000)

Vulnerability from cvelistv5

CVE-2014-3470 (GCVE-0-2014-3470)

Vulnerability from cvelistv5

CVE-2011-3919 (GCVE-0-2011-3919)

Vulnerability from cvelistv5

CVE-2011-4317 (GCVE-0-2011-4317)

Vulnerability from cvelistv5

CVE-2014-3062 (GCVE-0-2014-3062)

Vulnerability from cvelistv5

CVE-2010-0830 (GCVE-0-2010-0830)

Vulnerability from cvelistv5

CVE-2013-1643 (GCVE-0-2013-1643)

Vulnerability from cvelistv5

CVE-2013-1635 (GCVE-0-2013-1635)

Vulnerability from cvelistv5

CVE-2013-1620 (GCVE-0-2013-1620)

Vulnerability from cvelistv5

CVE-2014-0837 (GCVE-0-2014-0837)

Vulnerability from cvelistv5

CVE-2014-7169 (GCVE-0-2014-7169)

Vulnerability from cvelistv5

CVE-2012-0057 (GCVE-0-2012-0057)

Vulnerability from cvelistv5

CVE-2011-1153 (GCVE-0-2011-1153)

Vulnerability from cvelistv5

CVE-2014-1568 (GCVE-0-2014-1568)

Vulnerability from cvelistv5

CVE-2012-2110 (GCVE-0-2012-2110)

Vulnerability from cvelistv5

CVE-2012-0831 (GCVE-0-2012-0831)

Vulnerability from cvelistv5

CVE-2014-0460 (GCVE-0-2014-0460)

Vulnerability from cvelistv5

CVE-2014-7187 (GCVE-0-2014-7187)

Vulnerability from cvelistv5

CVE-2010-3853 (GCVE-0-2010-3853)

Vulnerability from cvelistv5

CVE-2009-3563 (GCVE-0-2009-3563)

Vulnerability from cvelistv5

CVE-2010-3316 (GCVE-0-2010-3316)

Vulnerability from cvelistv5

CVE-2011-4566 (GCVE-0-2011-4566)

Vulnerability from cvelistv5

CVE-2009-1265 (GCVE-0-2009-1265)

Vulnerability from cvelistv5