Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-5522 (GCVE-0-2015-5522)
Vulnerability from cvelistv5
Published
2015-08-11 14:00
Modified
2024-08-06 06:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:50:02.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1033703",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033703"
},
{
"name": "[oss-security] 20150713 Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/07/13/7"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT205212"
},
{
"name": "APPLE-SA-2015-09-30-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"name": "[oss-security] 20150604 CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/04/2"
},
{
"name": "USN-2695-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2695-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT205267"
},
{
"name": "DSA-3309",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3309"
},
{
"name": "APPLE-SA-2015-09-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/htacg/tidy-html5/issues/217"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT205213"
},
{
"name": "75037",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75037"
},
{
"name": "APPLE-SA-2015-09-16-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html"
},
{
"name": "[oss-security] 20150714 Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/07/15/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-06T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1033703",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033703"
},
{
"name": "[oss-security] 20150713 Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/07/13/7"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT205212"
},
{
"name": "APPLE-SA-2015-09-30-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"name": "[oss-security] 20150604 CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/04/2"
},
{
"name": "USN-2695-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2695-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT205267"
},
{
"name": "DSA-3309",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3309"
},
{
"name": "APPLE-SA-2015-09-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/htacg/tidy-html5/issues/217"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT205213"
},
{
"name": "75037",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75037"
},
{
"name": "APPLE-SA-2015-09-16-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html"
},
{
"name": "[oss-security] 20150714 Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/07/15/3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5522",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033703",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033703"
},
{
"name": "[oss-security] 20150713 Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/07/13/7"
},
{
"name": "https://support.apple.com/HT205212",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205212"
},
{
"name": "APPLE-SA-2015-09-30-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"name": "[oss-security] 20150604 CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/04/2"
},
{
"name": "USN-2695-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2695-1"
},
{
"name": "https://support.apple.com/HT205267",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205267"
},
{
"name": "DSA-3309",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3309"
},
{
"name": "APPLE-SA-2015-09-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html"
},
{
"name": "https://github.com/htacg/tidy-html5/issues/217",
"refsource": "CONFIRM",
"url": "https://github.com/htacg/tidy-html5/issues/217"
},
{
"name": "https://support.apple.com/HT205213",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205213"
},
{
"name": "75037",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75037"
},
{
"name": "APPLE-SA-2015-09-16-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html"
},
{
"name": "[oss-security] 20150714 Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/07/15/3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5522",
"datePublished": "2015-08-11T14:00:00",
"dateReserved": "2015-07-14T00:00:00",
"dateUpdated": "2024-08-06T06:50:02.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2015-5522\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2015-08-11T14:59:14.307\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de buffer basado en memoria din\u00e1mica en la funci\u00f3n ParseValue en lexer.c en tidy en versiones anteriores a 4.9.31, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de vectores implicando un car\u00e1cter de comando en un href.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:htacg:tidy:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.9.30\",\"matchCriteriaId\":\"5C0F4152-4A31-452F-A45C-E9F2D8A2A1AB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F38D3B7E-8429-473F-BB31-FC3583EE5A5B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.2\",\"matchCriteriaId\":\"C0340315-35F7-4736-854B-852916D00673\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.6.8\",\"matchCriteriaId\":\"D1A0EBC0-73C1-4640-90AD-4371D1C0D09F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.1\",\"matchCriteriaId\":\"CCBD0D8B-CD44-4B09-834F-F640546DFED4\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3309\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/06/04/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/07/13/7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/07/15/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/75037\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1033703\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2695-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/htacg/tidy-html5/issues/217\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"https://support.apple.com/HT205212\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT205213\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT205267\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3309\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/06/04/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/07/13/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/07/15/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/75037\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1033703\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2695-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/htacg/tidy-html5/issues/217\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://support.apple.com/HT205212\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT205213\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT205267\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
suse-su-2015:1525-1
Vulnerability from csaf_suse
Published
2015-08-26 20:04
Modified
2015-08-26 20:04
Summary
Security update for tidy
Notes
Title of the patch
Security update for tidy
Description of the patch
This update fixes two heap-based buffer overflows in tidy/libtidy. These vulnerabilities
could allow remote attackers to cause a denial of service (crash) via vectors involving
a command character in an href. (CVE-2015-5522, CVE-2015-5523)
Patchnames
sdksp3-tidy-12080,sdksp4-tidy-12080,sledsp3-tidy-12080,sledsp4-tidy-12080
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tidy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update fixes two heap-based buffer overflows in tidy/libtidy. These vulnerabilities\ncould allow remote attackers to cause a denial of service (crash) via vectors involving\na command character in an href. (CVE-2015-5522, CVE-2015-5523)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp3-tidy-12080,sdksp4-tidy-12080,sledsp3-tidy-12080,sledsp4-tidy-12080",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1525-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:1525-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20151525-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:1525-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-September/001586.html"
},
{
"category": "self",
"summary": "SUSE Bug 933588",
"url": "https://bugzilla.suse.com/933588"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5522 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5523 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5523/"
}
],
"title": "Security update for tidy",
"tracking": {
"current_release_date": "2015-08-26T20:04:21Z",
"generator": {
"date": "2015-08-26T20:04:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:1525-1",
"initial_release_date": "2015-08-26T20:04:21Z",
"revision_history": [
{
"date": "2015-08-26T20:04:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libtidy-1.0-37.1.i586",
"product": {
"name": "libtidy-1.0-37.1.i586",
"product_id": "libtidy-1.0-37.1.i586"
}
},
{
"category": "product_version",
"name": "libtidy-devel-1.0-37.1.i586",
"product": {
"name": "libtidy-devel-1.0-37.1.i586",
"product_id": "libtidy-devel-1.0-37.1.i586"
}
},
{
"category": "product_version",
"name": "tidy-1.0-37.1.i586",
"product": {
"name": "tidy-1.0-37.1.i586",
"product_id": "tidy-1.0-37.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libtidy-1.0-37.1.ia64",
"product": {
"name": "libtidy-1.0-37.1.ia64",
"product_id": "libtidy-1.0-37.1.ia64"
}
},
{
"category": "product_version",
"name": "libtidy-devel-1.0-37.1.ia64",
"product": {
"name": "libtidy-devel-1.0-37.1.ia64",
"product_id": "libtidy-devel-1.0-37.1.ia64"
}
},
{
"category": "product_version",
"name": "tidy-1.0-37.1.ia64",
"product": {
"name": "tidy-1.0-37.1.ia64",
"product_id": "tidy-1.0-37.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtidy-1.0-37.1.ppc64",
"product": {
"name": "libtidy-1.0-37.1.ppc64",
"product_id": "libtidy-1.0-37.1.ppc64"
}
},
{
"category": "product_version",
"name": "libtidy-devel-1.0-37.1.ppc64",
"product": {
"name": "libtidy-devel-1.0-37.1.ppc64",
"product_id": "libtidy-devel-1.0-37.1.ppc64"
}
},
{
"category": "product_version",
"name": "tidy-1.0-37.1.ppc64",
"product": {
"name": "tidy-1.0-37.1.ppc64",
"product_id": "tidy-1.0-37.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtidy-1.0-37.1.s390x",
"product": {
"name": "libtidy-1.0-37.1.s390x",
"product_id": "libtidy-1.0-37.1.s390x"
}
},
{
"category": "product_version",
"name": "libtidy-devel-1.0-37.1.s390x",
"product": {
"name": "libtidy-devel-1.0-37.1.s390x",
"product_id": "libtidy-devel-1.0-37.1.s390x"
}
},
{
"category": "product_version",
"name": "tidy-1.0-37.1.s390x",
"product": {
"name": "tidy-1.0-37.1.s390x",
"product_id": "tidy-1.0-37.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtidy-1.0-37.1.x86_64",
"product": {
"name": "libtidy-1.0-37.1.x86_64",
"product_id": "libtidy-1.0-37.1.x86_64"
}
},
{
"category": "product_version",
"name": "libtidy-devel-1.0-37.1.x86_64",
"product": {
"name": "libtidy-devel-1.0-37.1.x86_64",
"product_id": "libtidy-devel-1.0-37.1.x86_64"
}
},
{
"category": "product_version",
"name": "tidy-1.0-37.1.x86_64",
"product": {
"name": "tidy-1.0-37.1.x86_64",
"product_id": "tidy-1.0-37.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sled:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sled:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-1.0-37.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.i586"
},
"product_reference": "libtidy-1.0-37.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-1.0-37.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.ia64"
},
"product_reference": "libtidy-1.0-37.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-1.0-37.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.ppc64"
},
"product_reference": "libtidy-1.0-37.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-1.0-37.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.s390x"
},
"product_reference": "libtidy-1.0-37.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-1.0-37.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.x86_64"
},
"product_reference": "libtidy-1.0-37.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-devel-1.0-37.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.i586"
},
"product_reference": "libtidy-devel-1.0-37.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-devel-1.0-37.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.ia64"
},
"product_reference": "libtidy-devel-1.0-37.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-devel-1.0-37.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.ppc64"
},
"product_reference": "libtidy-devel-1.0-37.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-devel-1.0-37.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.s390x"
},
"product_reference": "libtidy-devel-1.0-37.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-devel-1.0-37.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.x86_64"
},
"product_reference": "libtidy-devel-1.0-37.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-1.0-37.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.i586"
},
"product_reference": "tidy-1.0-37.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-1.0-37.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.ia64"
},
"product_reference": "tidy-1.0-37.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-1.0-37.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.ppc64"
},
"product_reference": "tidy-1.0-37.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-1.0-37.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.s390x"
},
"product_reference": "tidy-1.0-37.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-1.0-37.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.x86_64"
},
"product_reference": "tidy-1.0-37.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-1.0-37.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.i586"
},
"product_reference": "libtidy-1.0-37.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-1.0-37.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.ia64"
},
"product_reference": "libtidy-1.0-37.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-1.0-37.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.ppc64"
},
"product_reference": "libtidy-1.0-37.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-1.0-37.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.s390x"
},
"product_reference": "libtidy-1.0-37.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-1.0-37.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.x86_64"
},
"product_reference": "libtidy-1.0-37.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-devel-1.0-37.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.i586"
},
"product_reference": "libtidy-devel-1.0-37.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-devel-1.0-37.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.ia64"
},
"product_reference": "libtidy-devel-1.0-37.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-devel-1.0-37.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.ppc64"
},
"product_reference": "libtidy-devel-1.0-37.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-devel-1.0-37.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.s390x"
},
"product_reference": "libtidy-devel-1.0-37.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-devel-1.0-37.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.x86_64"
},
"product_reference": "libtidy-devel-1.0-37.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-1.0-37.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.i586"
},
"product_reference": "tidy-1.0-37.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-1.0-37.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.ia64"
},
"product_reference": "tidy-1.0-37.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-1.0-37.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.ppc64"
},
"product_reference": "tidy-1.0-37.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-1.0-37.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.s390x"
},
"product_reference": "tidy-1.0-37.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-1.0-37.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.x86_64"
},
"product_reference": "tidy-1.0-37.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-1.0-37.1.i586 as component of SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3:libtidy-1.0-37.1.i586"
},
"product_reference": "libtidy-1.0-37.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-1.0-37.1.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3:libtidy-1.0-37.1.x86_64"
},
"product_reference": "libtidy-1.0-37.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-1.0-37.1.i586 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:libtidy-1.0-37.1.i586"
},
"product_reference": "libtidy-1.0-37.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-1.0-37.1.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:libtidy-1.0-37.1.x86_64"
},
"product_reference": "libtidy-1.0-37.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-5522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5522"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5522",
"url": "https://www.suse.com/security/cve/CVE-2015-5522"
},
{
"category": "external",
"summary": "SUSE Bug 933588 for CVE-2015-5522",
"url": "https://bugzilla.suse.com/933588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-08-26T20:04:21Z",
"details": "moderate"
}
],
"title": "CVE-2015-5522"
},
{
"cve": "CVE-2015-5523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5523"
}
],
"notes": [
{
"category": "general",
"text": "The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5523",
"url": "https://www.suse.com/security/cve/CVE-2015-5523"
},
{
"category": "external",
"summary": "SUSE Bug 933588 for CVE-2015-5523",
"url": "https://bugzilla.suse.com/933588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:libtidy-devel-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:tidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtidy-devel-1.0-37.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:tidy-1.0-37.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-08-26T20:04:21Z",
"details": "moderate"
}
],
"title": "CVE-2015-5523"
}
]
}
suse-su-2015:1513-1
Vulnerability from csaf_suse
Published
2015-08-26 20:03
Modified
2015-08-26 20:03
Summary
Security update for tidy
Notes
Title of the patch
Security update for tidy
Description of the patch
This update fixes two heap-based buffer overflows in tidy/libtidy. These vulnerabilities
could allow remote attackers to cause a denial of service (crash) via vectors involving
a command character in an href. (CVE-2015-5522, CVE-2015-5523)
Patchnames
SUSE-SLE-SDK-12-2015-501
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tidy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update fixes two heap-based buffer overflows in tidy/libtidy. These vulnerabilities\ncould allow remote attackers to cause a denial of service (crash) via vectors involving\na command character in an href. (CVE-2015-5522, CVE-2015-5523)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SDK-12-2015-501",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1513-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:1513-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20151513-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:1513-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-September/001580.html"
},
{
"category": "self",
"summary": "SUSE Bug 903962",
"url": "https://bugzilla.suse.com/903962"
},
{
"category": "self",
"summary": "SUSE Bug 933588",
"url": "https://bugzilla.suse.com/933588"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5522 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5523 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5523/"
}
],
"title": "Security update for tidy",
"tracking": {
"current_release_date": "2015-08-26T20:03:54Z",
"generator": {
"date": "2015-08-26T20:03:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:1513-1",
"initial_release_date": "2015-08-26T20:03:54Z",
"revision_history": [
{
"date": "2015-08-26T20:03:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libtidy-0_99-0-1.0.20100204cvs-25.3.ppc64le",
"product": {
"name": "libtidy-0_99-0-1.0.20100204cvs-25.3.ppc64le",
"product_id": "libtidy-0_99-0-1.0.20100204cvs-25.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.ppc64le",
"product": {
"name": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.ppc64le",
"product_id": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.ppc64le"
}
},
{
"category": "product_version",
"name": "tidy-1.0.20100204cvs-25.3.ppc64le",
"product": {
"name": "tidy-1.0.20100204cvs-25.3.ppc64le",
"product_id": "tidy-1.0.20100204cvs-25.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libtidy-0_99-0-1.0.20100204cvs-25.3.s390x",
"product": {
"name": "libtidy-0_99-0-1.0.20100204cvs-25.3.s390x",
"product_id": "libtidy-0_99-0-1.0.20100204cvs-25.3.s390x"
}
},
{
"category": "product_version",
"name": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.s390x",
"product": {
"name": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.s390x",
"product_id": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.s390x"
}
},
{
"category": "product_version",
"name": "tidy-1.0.20100204cvs-25.3.s390x",
"product": {
"name": "tidy-1.0.20100204cvs-25.3.s390x",
"product_id": "tidy-1.0.20100204cvs-25.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtidy-0_99-0-1.0.20100204cvs-25.3.x86_64",
"product": {
"name": "libtidy-0_99-0-1.0.20100204cvs-25.3.x86_64",
"product_id": "libtidy-0_99-0-1.0.20100204cvs-25.3.x86_64"
}
},
{
"category": "product_version",
"name": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.x86_64",
"product": {
"name": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.x86_64",
"product_id": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.x86_64"
}
},
{
"category": "product_version",
"name": "tidy-1.0.20100204cvs-25.3.x86_64",
"product": {
"name": "tidy-1.0.20100204cvs-25.3.x86_64",
"product_id": "tidy-1.0.20100204cvs-25.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-0_99-0-1.0.20100204cvs-25.3.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.ppc64le"
},
"product_reference": "libtidy-0_99-0-1.0.20100204cvs-25.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-0_99-0-1.0.20100204cvs-25.3.s390x as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.s390x"
},
"product_reference": "libtidy-0_99-0-1.0.20100204cvs-25.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-0_99-0-1.0.20100204cvs-25.3.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.x86_64"
},
"product_reference": "libtidy-0_99-0-1.0.20100204cvs-25.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.ppc64le"
},
"product_reference": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.s390x as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.s390x"
},
"product_reference": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.x86_64"
},
"product_reference": "libtidy-0_99-0-devel-1.0.20100204cvs-25.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-1.0.20100204cvs-25.3.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.ppc64le"
},
"product_reference": "tidy-1.0.20100204cvs-25.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-1.0.20100204cvs-25.3.s390x as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.s390x"
},
"product_reference": "tidy-1.0.20100204cvs-25.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-1.0.20100204cvs-25.3.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.x86_64"
},
"product_reference": "tidy-1.0.20100204cvs-25.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-5522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5522"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.s390x",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.s390x",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.s390x",
"SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5522",
"url": "https://www.suse.com/security/cve/CVE-2015-5522"
},
{
"category": "external",
"summary": "SUSE Bug 933588 for CVE-2015-5522",
"url": "https://bugzilla.suse.com/933588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.s390x",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.s390x",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.s390x",
"SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-08-26T20:03:54Z",
"details": "moderate"
}
],
"title": "CVE-2015-5522"
},
{
"cve": "CVE-2015-5523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5523"
}
],
"notes": [
{
"category": "general",
"text": "The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.s390x",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.s390x",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.s390x",
"SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5523",
"url": "https://www.suse.com/security/cve/CVE-2015-5523"
},
{
"category": "external",
"summary": "SUSE Bug 933588 for CVE-2015-5523",
"url": "https://bugzilla.suse.com/933588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.s390x",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-1.0.20100204cvs-25.3.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.s390x",
"SUSE Linux Enterprise Software Development Kit 12:libtidy-0_99-0-devel-1.0.20100204cvs-25.3.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.s390x",
"SUSE Linux Enterprise Software Development Kit 12:tidy-1.0.20100204cvs-25.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-08-26T20:03:54Z",
"details": "moderate"
}
],
"title": "CVE-2015-5523"
}
]
}
opensuse-su-2024:10210-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
libtidy-devel-5.2.0-2.3 on GA media
Notes
Title of the patch
libtidy-devel-5.2.0-2.3 on GA media
Description of the patch
These are all security issues fixed in the libtidy-devel-5.2.0-2.3 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10210
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libtidy-devel-5.2.0-2.3 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libtidy-devel-5.2.0-2.3 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10210",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10210-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5522 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5523 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-6583 page",
"url": "https://www.suse.com/security/cve/CVE-2016-6583/"
}
],
"title": "libtidy-devel-5.2.0-2.3 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10210-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libtidy-devel-5.2.0-2.3.aarch64",
"product": {
"name": "libtidy-devel-5.2.0-2.3.aarch64",
"product_id": "libtidy-devel-5.2.0-2.3.aarch64"
}
},
{
"category": "product_version",
"name": "libtidy5-5.2.0-2.3.aarch64",
"product": {
"name": "libtidy5-5.2.0-2.3.aarch64",
"product_id": "libtidy5-5.2.0-2.3.aarch64"
}
},
{
"category": "product_version",
"name": "tidy-5.2.0-2.3.aarch64",
"product": {
"name": "tidy-5.2.0-2.3.aarch64",
"product_id": "tidy-5.2.0-2.3.aarch64"
}
},
{
"category": "product_version",
"name": "tidy-doc-5.2.0-2.3.aarch64",
"product": {
"name": "tidy-doc-5.2.0-2.3.aarch64",
"product_id": "tidy-doc-5.2.0-2.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtidy-devel-5.2.0-2.3.ppc64le",
"product": {
"name": "libtidy-devel-5.2.0-2.3.ppc64le",
"product_id": "libtidy-devel-5.2.0-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libtidy5-5.2.0-2.3.ppc64le",
"product": {
"name": "libtidy5-5.2.0-2.3.ppc64le",
"product_id": "libtidy5-5.2.0-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "tidy-5.2.0-2.3.ppc64le",
"product": {
"name": "tidy-5.2.0-2.3.ppc64le",
"product_id": "tidy-5.2.0-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "tidy-doc-5.2.0-2.3.ppc64le",
"product": {
"name": "tidy-doc-5.2.0-2.3.ppc64le",
"product_id": "tidy-doc-5.2.0-2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libtidy-devel-5.2.0-2.3.s390x",
"product": {
"name": "libtidy-devel-5.2.0-2.3.s390x",
"product_id": "libtidy-devel-5.2.0-2.3.s390x"
}
},
{
"category": "product_version",
"name": "libtidy5-5.2.0-2.3.s390x",
"product": {
"name": "libtidy5-5.2.0-2.3.s390x",
"product_id": "libtidy5-5.2.0-2.3.s390x"
}
},
{
"category": "product_version",
"name": "tidy-5.2.0-2.3.s390x",
"product": {
"name": "tidy-5.2.0-2.3.s390x",
"product_id": "tidy-5.2.0-2.3.s390x"
}
},
{
"category": "product_version",
"name": "tidy-doc-5.2.0-2.3.s390x",
"product": {
"name": "tidy-doc-5.2.0-2.3.s390x",
"product_id": "tidy-doc-5.2.0-2.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtidy-devel-5.2.0-2.3.x86_64",
"product": {
"name": "libtidy-devel-5.2.0-2.3.x86_64",
"product_id": "libtidy-devel-5.2.0-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "libtidy5-5.2.0-2.3.x86_64",
"product": {
"name": "libtidy5-5.2.0-2.3.x86_64",
"product_id": "libtidy5-5.2.0-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "tidy-5.2.0-2.3.x86_64",
"product": {
"name": "tidy-5.2.0-2.3.x86_64",
"product_id": "tidy-5.2.0-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "tidy-doc-5.2.0-2.3.x86_64",
"product": {
"name": "tidy-doc-5.2.0-2.3.x86_64",
"product_id": "tidy-doc-5.2.0-2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-devel-5.2.0-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.aarch64"
},
"product_reference": "libtidy-devel-5.2.0-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-devel-5.2.0-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.ppc64le"
},
"product_reference": "libtidy-devel-5.2.0-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-devel-5.2.0-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.s390x"
},
"product_reference": "libtidy-devel-5.2.0-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy-devel-5.2.0-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.x86_64"
},
"product_reference": "libtidy-devel-5.2.0-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy5-5.2.0-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtidy5-5.2.0-2.3.aarch64"
},
"product_reference": "libtidy5-5.2.0-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy5-5.2.0-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtidy5-5.2.0-2.3.ppc64le"
},
"product_reference": "libtidy5-5.2.0-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy5-5.2.0-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtidy5-5.2.0-2.3.s390x"
},
"product_reference": "libtidy5-5.2.0-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtidy5-5.2.0-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtidy5-5.2.0-2.3.x86_64"
},
"product_reference": "libtidy5-5.2.0-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-5.2.0-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tidy-5.2.0-2.3.aarch64"
},
"product_reference": "tidy-5.2.0-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-5.2.0-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tidy-5.2.0-2.3.ppc64le"
},
"product_reference": "tidy-5.2.0-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-5.2.0-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tidy-5.2.0-2.3.s390x"
},
"product_reference": "tidy-5.2.0-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-5.2.0-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tidy-5.2.0-2.3.x86_64"
},
"product_reference": "tidy-5.2.0-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-doc-5.2.0-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.aarch64"
},
"product_reference": "tidy-doc-5.2.0-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-doc-5.2.0-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.ppc64le"
},
"product_reference": "tidy-doc-5.2.0-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-doc-5.2.0-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.s390x"
},
"product_reference": "tidy-doc-5.2.0-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tidy-doc-5.2.0-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.x86_64"
},
"product_reference": "tidy-doc-5.2.0-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-5522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5522"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5522",
"url": "https://www.suse.com/security/cve/CVE-2015-5522"
},
{
"category": "external",
"summary": "SUSE Bug 933588 for CVE-2015-5522",
"url": "https://bugzilla.suse.com/933588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-5522"
},
{
"cve": "CVE-2015-5523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5523"
}
],
"notes": [
{
"category": "general",
"text": "The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5523",
"url": "https://www.suse.com/security/cve/CVE-2015-5523"
},
{
"category": "external",
"summary": "SUSE Bug 933588 for CVE-2015-5523",
"url": "https://bugzilla.suse.com/933588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-5523"
},
{
"cve": "CVE-2016-6583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-6583"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-6583",
"url": "https://www.suse.com/security/cve/CVE-2016-6583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:libtidy-devel-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:libtidy5-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:tidy-5.2.0-2.3.x86_64",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.aarch64",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.ppc64le",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.s390x",
"openSUSE Tumbleweed:tidy-doc-5.2.0-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-6583"
}
]
}
var-201508-0250
Vulnerability from variot
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href. Tidy is prone to a heap-based buffer-overflow vulnerability. Successful exploits may allow attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Tidy 0.99 is vulnerable; other versions may also be affected. Tidy is a software and function library developed by Dave Raggett, a researcher of the World Wide Web Consortium (W3C), for correcting and cleaning up errors in HTML files and neatly arranging codes (that is, indentation). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2015-09-16-1 iOS 9
iOS 9 is now available and addresses the following:
Apple Pay Available for: iPhone 6, iPad mini 3, and iPad Air 2 Impact: Some cards may allow a terminal to retrieve limited recent transaction information when making a payment Description: The transaction log functionality was enabled in certain configurations. This issue was addressed by removing the transaction log functionality. CVE-ID CVE-2015-5916
AppleKeyStore Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local attacker may be able to reset failed passcode attempts with an iOS backup Description: An issue existed in resetting failed passcode attempts with a backup of the iOS device. This was addressed through improved passcode failure logic. CVE-ID CVE-2015-5850 : an anonymous researcher
Application Store Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Clicking a malicious ITMS link may lead to a denial of service in an enterprise-signed application Description: An issue existed with installation through ITMS links. This was addressed through additional installation verification. CVE-ID CVE-2015-5856 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of FireEye, Inc.
Audio Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Playing a malicious audio file may lead to an unexpected application termination Description: A memory corruption issue existed in the handling of audio files. This issue issue was addressed through improved memory handling. CVE-ID CVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.: Prof. Taekyoung Kwon), Yonsei University, Seoul, Korea
Certificate Trust Policy Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Update to the certificate trust policy Description: The certificate trust policy was updated. The complete list of certificates may be viewed at https://support.apple.com/en- us/HT204132.
CFNetwork Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device may read cache data from Apple apps Description: Cache data was encrypted with a key protected only by the hardware UID. This issue was addressed by encrypting the cache data with a key protected by the hardware UID and the user's passcode. CVE-ID CVE-2015-5898 : Andreas Kurtz of NESO Security Labs
CFNetwork Cookies Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a privileged network position can track a user's activity Description: A cross-domain cookie issue existed in the handling of top level domains. The issue was address through improved restrictions of cookie creation. CVE-ID CVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University
CFNetwork Cookies Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to create unintended cookies for a website Description: WebKit would accept multiple cookies to be set in the document.cookie API. This issue was addressed through improved parsing. CVE-ID CVE-2015-3801 : Erling Ellingsen of Facebook
CFNetwork FTPProtocol Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Malicious FTP servers may be able to cause the client to perform reconnaissance on other hosts Description: An issue existed in FTP packet handling if clients were using an FTP proxy. CVE-ID CVE-2015-5912 : Amit Klein
CFNetwork HTTPProtocol Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A maliciously crafted URL may be able to bypass HTTP Strict Transport Security (HSTS) and leak sensitive data Description: A URL parsing vulnerability existed in HSTS handling. This issue was addressed through improved URL parsing. CVE-ID CVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University
CFNetwork HTTPProtocol Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious website may be able to track users in Safari private browsing mode Description: An issue existed in the handling of HSTS state in Safari private browsing mode. This issue was addressed through improved state handling. CVE-ID CVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd
CFNetwork Proxies Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Connecting to a malicious web proxy may set malicious cookies for a website Description: An issue existed in the handling of proxy connect responses. This issue was addressed by removing the set-cookie header while parsing the connect response. CVE-ID CVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University
CFNetwork SSL Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may intercept SSL/TLS connections Description: A certificate validation issue existed in NSURL when a certificate changed. This issue was addressed through improved certificate validation. CVE-ID CVE-2015-5824 : Timothy J. Wood of The Omni Group
CFNetwork SSL Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of RC4. An attacker could force the use of RC4, even if the server preferred better ciphers, by blocking TLS 1.0 and higher connections until CFNetwork tried SSL 3.0, which only allows RC4. This issue was addressed by removing the fallback to SSL 3.0.
CoreAnimation Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to leak sensitive user information Description: Applications could access the screen framebuffer while they were in the background. This issue was addressed with improved access control on IOSurfaces. CVE-ID CVE-2015-5880 : Jin Han, Su Mon Kywe, Qiang Yan, Robert Deng, Debin Gao, Yingjiu Li of School of Information Systems Singapore Management University, Feng Bao and Jianying Zhou of Cryptography and Security Department Institute for Infocomm Research
CoreCrypto Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to determine a private key Description: By observing many signing or decryption attempts, an attacker may have been able to determine the RSA private key. This issue was addressed using improved encryption algorithms.
CoreText Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team
Data Detectors Engine Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: Memory corruption issues existed in the processing of text files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-5829 : M1x7e1 of Safeye Team (www.safeye.org)
Dev Tools Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in dyld. This was addressed through improved memory handling. CVE-ID CVE-2015-5876 : beist of grayhash
dyld Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to bypass code signing Description: An issue existed with validation of the code signature of executables. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5839 : @PanguTeam, TaiG Jailbreak Team
Disk Images Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in DiskImages. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5847 : Filippo Bigarella, Luca Todesco
Game Center Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious Game Center application may be able to access a player's email address Description: An issue existed in Game Center in the handling of a player's email. This issue was addressed through improved access restrictions. CVE-ID CVE-2015-5855 : Nasser Alnasser
ICU Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities in ICU Description: Multiple vulnerabilities existed in ICU versions prior to 53.1.0. These issues were addressed by updating ICU to version 55.1. CVE-ID CVE-2014-8146 CVE-2015-1205
IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed that led to the disclosure of kernel memory content. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5834 : Cererdlong of Alibaba Mobile Security Team
IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5848 : Filippo Bigarella
IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOHIDFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5867 : moony li of Trend Micro
IOKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5844 : Filippo Bigarella CVE-2015-5845 : Filippo Bigarella CVE-2015-5846 : Filippo Bigarella
IOMobileFrameBuffer Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOMobileFrameBuffer. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5843 : Filippo Bigarella
IOStorageFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local attacker may be able to read kernel memory Description: A memory initialization issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5863 : Ilja van Sprundel of IOActive
iTunes Store Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: AppleID credentials may persist in the keychain after sign out Description: An issue existed in keychain deletion. This issue was addressed through improved account cleanup. CVE-ID CVE-2015-5832 : Kasif Dekel from Check Point Software Technologies
JavaScriptCore Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5791 : Apple CVE-2015-5793 : Apple CVE-2015-5814 : Apple CVE-2015-5816 : Apple CVE-2015-5822 : Mark S. Miller of Google CVE-2015-5823 : Apple
Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team CVE-2015-5896 : Maxime Villard of m00nbsd CVE-2015-5903 : CESG
Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local attacker may control the value of stack cookies Description: Multiple weaknesses existed in the generation of user space stack cookies. This was addressed through improved generation of stack cookies. CVE-ID CVE-2013-3951 : Stefan Esser
Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local process can modify other processes without entitlement checks Description: An issue existed where root processes using the processor_set_tasks API were allowed to retrieve the task ports of other processes. This issue was addressed through added entitlement checks. CVE-ID CVE-2015-5882 : Pedro Vilaca, working from original research by Ming- chieh Pan and Sung-ting Tsai; Jonathan Levin
Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to launch denial of service attacks on targeted TCP connections without knowing the correct sequence number Description: An issue existed in xnu's validation of TCP packet headers. This issues was addressed through improved TCP packet header validation. CVE-ID CVE-2015-5879 : Jonathan Looney
Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a local LAN segment may disable IPv6 routing Description: An insufficient validation issue existed in handling of IPv6 router advertisements that allowed an attacker to set the hop limit to an arbitrary value. This issue was addressed by enforcing a minimum hop limit. CVE-ID CVE-2015-5869 : Dennis Spindel Ljungmark
Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to determine kernel memory layout Description: An issue existed in XNU that led to the disclosure of kernel memory. This was addressed through improved initialization of kernel memory structures. CVE-ID CVE-2015-5842 : beist of grayhash
Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to cause a system denial of service Description: An issue existed in HFS drive mounting. This was addressed by additional validation checks. CVE-ID CVE-2015-5748 : Maxime Villard of m00nbsd
libc Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse Corporation
libpthread Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team
Mail Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker can send an email that appears to come from a contact in the recipient's address book Description: An issue existed in the handling of the sender's address. This issue was addressed through improved validation. CVE-ID CVE-2015-5857 : Emre Saglam of salesforce.com
Multipeer Connectivity Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local attacker may be able to observe unprotected multipeer data Description: An issue existed in convenience initializer handling in which encryption could be actively downgraded to a non-encrypted session. This issue was addressed by changing the convenience initializer to require encryption. CVE-ID CVE-2015-5851 : Alban Diquet (@nabla_c0d3) of Data Theorem
NetworkExtension Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to determine kernel memory layout Description: An uninitialized memory issue in the kernel led to the disclosure of kernel memory content. This issue was addressed through memory initialization. CVE-ID CVE-2015-5831 : Maxime Villard of m00nbsd
OpenSSL Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities in OpenSSL Description: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg. CVE-ID CVE-2015-0286 CVE-2015-0287
PluginKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious enterprise application can install extensions before the application has been trusted Description: An issue existed in the validation of extensions during installation. This was addressed through improved app verification. CVE-ID CVE-2015-5837 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of FireEye, Inc.
removefile Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing malicious data may lead to unexpected application termination Description: An overflow fault existed in the checkint division routines. This issue was addressed with improved division routines. CVE-ID CVE-2015-5840 : an anonymous researcher
Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to read Safari bookmarks on a locked iOS device without a passcode Description: Safari bookmark data was encrypted with a key protected only by the hardware UID. This issue was addressed by encrypting the Safari bookmark data with a key protected by the hardware UID and the user's passcode. CVE-ID CVE-2015-5903 : Jonathan Zdziarski
Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: An issue may have allowed a website to display content with a URL from a different website. This issue was addressed through improved URL handling. CVE-ID CVE-2015-5904 : Erling Ellingsen of Facebook, Lukasz Pilorz
Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: Navigating to a malicious website with a malformed window opener may have allowed the display of arbitrary URLs. This issue was addressed through improved handling of window openers. CVE-ID CVE-2015-5905 : Keita Haga of keitahaga.com
Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Users may be tracked by malicious websites using client certificates Description: An issue existed in Safari's client certificate matching for SSL authentication. This issue was addressed through improved matching of valid client certificates. CVE-ID CVE-2015-1129 : Stefan Kraus of fluid Operations AG, Sylvain Munaut of Whatever s.a.
Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: Multiple user interface inconsistencies may have allowed a malicious website to display an arbitrary URL. These issues were addressed through improved URL display logic. CVE-ID CVE-2015-5764 : Antonio Sanso (@asanso) of Adobe CVE-2015-5765 : Ron Masas CVE-2015-5767 : Krystian Kloskowski via Secunia, Masato Kinugawa
Safari Safe Browsing Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Navigating to the IP address of a known malicious website may not trigger a security warning Description: Safari's Safe Browsing feature did not warn users when visiting known malicious websites by their IP addresses. The issue was addressed through improved malicious site detection. Rahul M of TagsDoc
Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious app may be able to intercept communication between apps Description: An issue existed that allowed a malicious app to intercept URL scheme communication between apps. This was mitigated by displaying a dialog when a URL scheme is used for the first time. CVE-ID CVE-2015-5835 : Teun van Run of FiftyTwoDegreesNorth B.V.; XiaoFeng Wang of Indiana University, Luyi Xing of Indiana University, Tongxin Li of Peking University, Tongxin Li of Peking University, Xiaolong Bai of Tsinghua University
Siri Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: When a request was made to Siri, client side restrictions were not being checked by the server. This issue was addressed through improved restriction checking. CVE-ID CVE-2015-5892 : Robert S Mozayeni, Joshua Donvito
SpringBoard Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device can reply to an audio message from the lock screen when message previews from the lock screen are disabled Description: A lock screen issue allowed users to reply to audio messages when message previews were disabled. This issue was addressed through improved state management. CVE-ID CVE-2015-5861 : Daniel Miedema of Meridian Apps
SpringBoard Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to spoof another application's dialog windows Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-ID CVE-2015-5838 : Min (Spark) Zheng, Hui Xue, Tao (Lenx) Wei, John C.S. Lui
SQLite Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities in SQLite v3.8.5 Description: Multiple vulnerabilities existed in SQLite v3.8.5. These issues were addressed by updating SQLite to version 3.8.10.2. CVE-ID CVE-2015-5895
tidy Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in Tidy. This issues was addressed through improved memory handling. CVE-ID CVE-2015-5522 : Fernando Munoz of NULLGroup.com CVE-2015-5523 : Fernando Munoz of NULLGroup.com
WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Object references may be leaked between isolated origins on custom events, message events and pop state events Description: An object leak issue broke the isolation boundary between origins. This issue was addressed through improved isolation between origins. CVE-ID CVE-2015-5827 : Gildas
WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5789 : Apple CVE-2015-5790 : Apple CVE-2015-5792 : Apple CVE-2015-5794 : Apple CVE-2015-5795 : Apple CVE-2015-5796 : Apple CVE-2015-5797 : Apple CVE-2015-5799 : Apple CVE-2015-5800 : Apple CVE-2015-5801 : Apple CVE-2015-5802 : Apple CVE-2015-5803 : Apple CVE-2015-5804 : Apple CVE-2015-5805 CVE-2015-5806 : Apple CVE-2015-5807 : Apple CVE-2015-5809 : Apple CVE-2015-5810 : Apple CVE-2015-5811 : Apple CVE-2015-5812 : Apple CVE-2015-5813 : Apple CVE-2015-5817 : Apple CVE-2015-5818 : Apple CVE-2015-5819 : Apple CVE-2015-5821 : Apple
WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to unintended dialing Description: An issue existed in handling of tel://, facetime://, and facetime-audio:// URLs. This issue was addressed through improved URL handling. CVE-ID CVE-2015-5820 : Andrei Neculaesei, Guillaume Ross
WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: QuickType may learn the last character of a password in a filled-in web form Description: An issue existed in WebKit's handling of password input context. This issue was addressed through improved input context handling. CVE-ID CVE-2015-5906 : Louis Romero of Google Inc.
WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a privileged network position may be able to redirect to a malicious domain Description: An issue existed in the handling of resource caches on sites with invalid certificates. The issue was addressed by rejecting the application cache of domains with invalid certificates. CVE-ID CVE-2015-5907 : Yaoqi Jia of National University of Singapore (NUS)
WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious website may exfiltrate data cross-origin Description: Safari allowed cross-origin stylesheets to be loaded with non-CSS MIME types which could be used for cross-origin data exfiltration. This issue was addressed by limiting MIME types for cross-origin stylesheets. CVE-ID CVE-2015-5826 : filedescriptor, Chris Evans
WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: The Performance API may allow a malicious website to leak browsing history, network activity, and mouse movements Description: WebKit's Performance API could have allowed a malicious website to leak browsing history, network activity, and mouse movements by measuring time. This issue was addressed by limiting time resolution. CVE-ID CVE-2015-5825 : Yossi Oren et al. of Columbia University's Network Security Lab
WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: An issue existed with Content-Disposition headers containing type attachment. This issue was addressed by disallowing some functionality for type attachment pages. CVE-ID CVE-2015-5921 : Mickey Shkatov of the Intel(r) Advanced Threat Research Team, Daoyuan Wu of Singapore Management University, Rocky K. C. Chang of Hong Kong Polytechnic University, Lukasz Pilorz, superhei of www.knownsec.com
WebKit Canvas Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may disclose image data from another website Description: A cross-origin issue existed with "canvas" element images in WebKit. This was addressed through improved tracking of security origins. CVE-ID CVE-2015-5788 : Apple
WebKit Page Loading Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: WebSockets may bypass mixed content policy enforcement Description: An insufficient policy enforcement issue allowed WebSockets to load mixed content. This issue was addressed by extending mixed content policy enforcement to WebSockets. Kevin G Jones of Higher Logic
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "9".
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJV+avFAAoJEBcWfLTuOo7tAOsQAKVBs+YG3HuMy0mc0rnpbRtU +bjdnzwBeQE6C6Fp/SlZroyYtutnPw9QoFbUpY9Kkcer08uPap6kUAcF72fD51tG UYmIe5WvDSMWD98pKsgDGUVfGdU1h135KpSfDgoiQrZK2GAPe2xCDupD42jIPLk2 3qSyrYnVzfrCZ8uBk9j4gqoF5Ki6JSP/3Qm7hiPfhQXcMyQyIQ+2tJyQcSyGf5OM RgkmHwjIjkEb8jwwQ6h4LPMNuvqq8Kv6P4wQQeUl7RdtLJfafmFg+mV7bSmV/b28 Hk5EHQrQJ5fVl9jBFxti6aZrhrNr5yRL9yAdrpNB0rWfDN0z9emyGRrW2vli+Zv+ 0xXBZfAiNVAP53ou4gyVkLDZ+zx5lsWSADU1QWbIR2DY+WXUIN5QJ/ayFkNN9gqD WrFGHOc/l+Rq82uQi4ND0jTcYqhBG0MyooJf29orPA2tZeKvrcA4/6w12w6eJ7qA aW5J+BByErqWft42I/JT3CbnK+GBEDHnj4GAeSMHuNolPNsoH5cv0G4yKigW0zLS 81AzADTcBtKtaSD9aBAPAL6TTGUySmupF8flhHTMcpZh1MbAqo+bObMXUMvCrmST yq+5/R0gVuMN0BQ7adwI0akYApuqrNi/Mp9zT+JlU2wiSfaHm58Ugf8YAmc+sfjT rHWi1bvzskkrxRfuQ4mX =MnPh -----END PGP SIGNATURE----- . ============================================================================ Ubuntu Security Notice USN-2695-1 July 29, 2015
tidy vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
HTML Tidy could be made to crash or run programs if it processed specially crafted data.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: libtidy-0.99-0 20091223cvs-1.4ubuntu0.1
Ubuntu 14.04 LTS: libtidy-0.99-0 20091223cvs-1.2ubuntu1.1
Ubuntu 12.04 LTS: libtidy-0.99-0 20091223cvs-1ubuntu2.1
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2695-1 CVE-2015-5522, CVE-2015-5523
Package Information: https://launchpad.net/ubuntu/+source/tidy/20091223cvs-1.4ubuntu0.1 https://launchpad.net/ubuntu/+source/tidy/20091223cvs-1.2ubuntu1.1 https://launchpad.net/ubuntu/+source/tidy/20091223cvs-1ubuntu2.1 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-3309-1 security@debian.org https://www.debian.org/security/ Alessandro Ghedini July 18, 2015 https://www.debian.org/security/faq
Package : tidy CVE ID : CVE-2015-5522 CVE-2015-5523 Debian Bug : 792571
Fernando Muñoz discovered that invalid HTML input passed to tidy, an HTML syntax checker and reformatter, could trigger a buffer overflow.
Geoff McLane also discovered that a similar issue could trigger an integer overflow, leading to a memory allocation of 4GB.
For the oldstable distribution (wheezy), these problems have been fixed in version 20091223cvs-1.2+deb7u1.
For the stable distribution (jessie), these problems have been fixed in version 20091223cvs-1.4+deb8u1.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your tidy packages
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201508-0250",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.8"
},
{
"model": "tidy",
"scope": "lte",
"trust": 1.0,
"vendor": "htacg",
"version": "4.9.30"
},
{
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "8.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "watchos",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "tidy",
"scope": "lt",
"trust": 0.8,
"vendor": "htacg",
"version": "4.9.31"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.6.8 thats all 10.11"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "9 (ipad 2 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "9 (iphone 4s or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "9 (ipod touch first 5 after generation )"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "2 (apple watch edition)"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "2 (apple watch sport)"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "2 (apple watch)"
},
{
"model": "tidy",
"scope": "eq",
"trust": 0.6,
"vendor": "htacg",
"version": "4.9.30"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
}
],
"sources": [
{
"db": "BID",
"id": "75037"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004032"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-225"
},
{
"db": "NVD",
"id": "CVE-2015-5522"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:htacg:tidy",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:watchos",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004032"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fernando Mu?oz",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-225"
}
],
"trust": 0.6
},
"cve": "CVE-2015-5522",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-5522",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-83483",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-5522",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-5522",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-225",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-83483",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-5522",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83483"
},
{
"db": "VULMON",
"id": "CVE-2015-5522"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004032"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-225"
},
{
"db": "NVD",
"id": "CVE-2015-5522"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href. Tidy is prone to a heap-based buffer-overflow vulnerability. \nSuccessful exploits may allow attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. \nTidy 0.99 is vulnerable; other versions may also be affected. Tidy is a software and function library developed by Dave Raggett, a researcher of the World Wide Web Consortium (W3C), for correcting and cleaning up errors in HTML files and neatly arranging codes (that is, indentation). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2015-09-16-1 iOS 9\n\niOS 9 is now available and addresses the following:\n\nApple Pay\nAvailable for: iPhone 6, iPad mini 3, and iPad Air 2\nImpact: Some cards may allow a terminal to retrieve limited recent\ntransaction information when making a payment\nDescription: The transaction log functionality was enabled in\ncertain configurations. This issue was addressed by removing the\ntransaction log functionality. \nCVE-ID\nCVE-2015-5916\n\nAppleKeyStore\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A local attacker may be able to reset failed passcode\nattempts with an iOS backup\nDescription: An issue existed in resetting failed passcode attempts\nwith a backup of the iOS device. This was addressed through improved\npasscode failure logic. \nCVE-ID\nCVE-2015-5850 : an anonymous researcher\n\nApplication Store\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Clicking a malicious ITMS link may lead to a denial of\nservice in an enterprise-signed application\nDescription: An issue existed with installation through ITMS links. \nThis was addressed through additional installation verification. \nCVE-ID\nCVE-2015-5856 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of\nFireEye, Inc. \n\nAudio\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Playing a malicious audio file may lead to an unexpected\napplication termination\nDescription: A memory corruption issue existed in the handling of\naudio files. This issue issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.:\nProf. Taekyoung Kwon), Yonsei University, Seoul, Korea\n\nCertificate Trust Policy\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Update to the certificate trust policy\nDescription: The certificate trust policy was updated. The complete\nlist of certificates may be viewed at https://support.apple.com/en-\nus/HT204132. \n\nCFNetwork\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A person with physical access to an iOS device may read\ncache data from Apple apps\nDescription: Cache data was encrypted with a key protected only by\nthe hardware UID. This issue was addressed by encrypting the cache\ndata with a key protected by the hardware UID and the user\u0027s\npasscode. \nCVE-ID\nCVE-2015-5898 : Andreas Kurtz of NESO Security Labs\n\nCFNetwork Cookies\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker in a privileged network position can track a\nuser\u0027s activity\nDescription: A cross-domain cookie issue existed in the handling of\ntop level domains. The issue was address through improved\nrestrictions of cookie creation. \nCVE-ID\nCVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\nUniversity\n\nCFNetwork Cookies\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker may be able to create unintended cookies for a\nwebsite\nDescription: WebKit would accept multiple cookies to be set in the\ndocument.cookie API. This issue was addressed through improved\nparsing. \nCVE-ID\nCVE-2015-3801 : Erling Ellingsen of Facebook\n\nCFNetwork FTPProtocol\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Malicious FTP servers may be able to cause the client to\nperform reconnaissance on other hosts\nDescription: An issue existed in FTP packet handling if clients were\nusing an FTP proxy. \nCVE-ID\nCVE-2015-5912 : Amit Klein\n\nCFNetwork HTTPProtocol\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A maliciously crafted URL may be able to bypass HTTP Strict\nTransport Security (HSTS) and leak sensitive data\nDescription: A URL parsing vulnerability existed in HSTS handling. \nThis issue was addressed through improved URL parsing. \nCVE-ID\nCVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\nUniversity\n\nCFNetwork HTTPProtocol\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious website may be able to track users in Safari\nprivate browsing mode\nDescription: An issue existed in the handling of HSTS state in\nSafari private browsing mode. This issue was addressed through\nimproved state handling. \nCVE-ID\nCVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd\n\nCFNetwork Proxies\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Connecting to a malicious web proxy may set malicious\ncookies for a website\nDescription: An issue existed in the handling of proxy connect\nresponses. This issue was addressed by removing the set-cookie header\nwhile parsing the connect response. \nCVE-ID\nCVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\nUniversity\n\nCFNetwork SSL\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker with a privileged network position may intercept\nSSL/TLS connections\nDescription: A certificate validation issue existed in NSURL when a\ncertificate changed. This issue was addressed through improved\ncertificate validation. \nCVE-ID\nCVE-2015-5824 : Timothy J. Wood of The Omni Group\n\nCFNetwork SSL\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker may be able to decrypt data protected by SSL\nDescription: There are known attacks on the confidentiality of RC4. \nAn attacker could force the use of RC4, even if the server preferred\nbetter ciphers, by blocking TLS 1.0 and higher connections until\nCFNetwork tried SSL 3.0, which only allows RC4. This issue was\naddressed by removing the fallback to SSL 3.0. \n\nCoreAnimation\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious application may be able to leak sensitive user\ninformation\nDescription: Applications could access the screen framebuffer while\nthey were in the background. This issue was addressed with improved\naccess control on IOSurfaces. \nCVE-ID\nCVE-2015-5880 : Jin Han, Su Mon Kywe, Qiang Yan, Robert Deng, Debin\nGao, Yingjiu Li of School of Information Systems Singapore Management\nUniversity, Feng Bao and Jianying Zhou of Cryptography and Security\nDepartment Institute for Infocomm Research\n\nCoreCrypto\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker may be able to determine a private key\nDescription: By observing many signing or decryption attempts, an\nattacker may have been able to determine the RSA private key. This\nissue was addressed using improved encryption algorithms. \n\nCoreText\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team\n\nData Detectors Engine\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Processing a maliciously crafted text file may lead to\narbitrary code execution\nDescription: Memory corruption issues existed in the processing of\ntext files. These issues were addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-5829 : M1x7e1 of Safeye Team (www.safeye.org)\n\nDev Tools\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in dyld. This was\naddressed through improved memory handling. \nCVE-ID\nCVE-2015-5876 : beist of grayhash\n\ndyld\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An application may be able to bypass code signing\nDescription: An issue existed with validation of the code signature\nof executables. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-5839 : @PanguTeam, TaiG Jailbreak Team\n\nDisk Images\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue existed in DiskImages. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5847 : Filippo Bigarella, Luca Todesco\n\nGame Center\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious Game Center application may be able to access a\nplayer\u0027s email address\nDescription: An issue existed in Game Center in the handling of a\nplayer\u0027s email. This issue was addressed through improved access\nrestrictions. \nCVE-ID\nCVE-2015-5855 : Nasser Alnasser\n\nICU\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Multiple vulnerabilities in ICU\nDescription: Multiple vulnerabilities existed in ICU versions prior\nto 53.1.0. These issues were addressed by updating ICU to version\n55.1. \nCVE-ID\nCVE-2014-8146\nCVE-2015-1205\n\nIOAcceleratorFamily\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An issue existed that led to the disclosure of kernel\nmemory content. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-5834 : Cererdlong of Alibaba Mobile Security Team\n\nIOAcceleratorFamily\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue existed in\nIOAcceleratorFamily. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5848 : Filippo Bigarella\n\nIOHIDFamily\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in IOHIDFamily. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5867 : moony li of Trend Micro\n\nIOKit\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5844 : Filippo Bigarella\nCVE-2015-5845 : Filippo Bigarella\nCVE-2015-5846 : Filippo Bigarella\n\nIOMobileFrameBuffer\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue existed in\nIOMobileFrameBuffer. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5843 : Filippo Bigarella\n\nIOStorageFamily\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A local attacker may be able to read kernel memory\nDescription: A memory initialization issue existed in the kernel. \nThis issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5863 : Ilja van Sprundel of IOActive\n\niTunes Store\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: AppleID credentials may persist in the keychain after sign\nout\nDescription: An issue existed in keychain deletion. This issue was\naddressed through improved account cleanup. \nCVE-ID\nCVE-2015-5832 : Kasif Dekel from Check Point Software Technologies\n\nJavaScriptCore\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: Memory corruption issues existed in WebKit. These\nissues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-5791 : Apple\nCVE-2015-5793 : Apple\nCVE-2015-5814 : Apple\nCVE-2015-5816 : Apple\nCVE-2015-5822 : Mark S. Miller of Google\nCVE-2015-5823 : Apple\n\nKernel\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team\nCVE-2015-5896 : Maxime Villard of m00nbsd\nCVE-2015-5903 : CESG\n\nKernel\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A local attacker may control the value of stack cookies\nDescription: Multiple weaknesses existed in the generation of user\nspace stack cookies. This was addressed through improved generation\nof stack cookies. \nCVE-ID\nCVE-2013-3951 : Stefan Esser\n\nKernel\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A local process can modify other processes without\nentitlement checks\nDescription: An issue existed where root processes using the\nprocessor_set_tasks API were allowed to retrieve the task ports of\nother processes. This issue was addressed through added entitlement\nchecks. \nCVE-ID\nCVE-2015-5882 : Pedro Vilaca, working from original research by Ming-\nchieh Pan and Sung-ting Tsai; Jonathan Levin\n\nKernel\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker may be able to launch denial of service attacks\non targeted TCP connections without knowing the correct sequence\nnumber\nDescription: An issue existed in xnu\u0027s validation of TCP packet\nheaders. This issues was addressed through improved TCP packet header\nvalidation. \nCVE-ID\nCVE-2015-5879 : Jonathan Looney\n\nKernel\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker in a local LAN segment may disable IPv6 routing\nDescription: An insufficient validation issue existed in handling of\nIPv6 router advertisements that allowed an attacker to set the hop\nlimit to an arbitrary value. This issue was addressed by enforcing a\nminimum hop limit. \nCVE-ID\nCVE-2015-5869 : Dennis Spindel Ljungmark\n\nKernel\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An issue existed in XNU that led to the disclosure of\nkernel memory. This was addressed through improved initialization of\nkernel memory structures. \nCVE-ID\nCVE-2015-5842 : beist of grayhash\n\nKernel\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: An issue existed in HFS drive mounting. This was\naddressed by additional validation checks. \nCVE-ID\nCVE-2015-5748 : Maxime Villard of m00nbsd\n\nlibc\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse\nCorporation\n\nlibpthread\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team\n\nMail\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker can send an email that appears to come from a\ncontact in the recipient\u0027s address book\nDescription: An issue existed in the handling of the sender\u0027s\naddress. This issue was addressed through improved validation. \nCVE-ID\nCVE-2015-5857 : Emre Saglam of salesforce.com\n\nMultipeer Connectivity\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A local attacker may be able to observe unprotected\nmultipeer data\nDescription: An issue existed in convenience initializer handling in\nwhich encryption could be actively downgraded to a non-encrypted\nsession. This issue was addressed by changing the convenience\ninitializer to require encryption. \nCVE-ID\nCVE-2015-5851 : Alban Diquet (@nabla_c0d3) of Data Theorem\n\nNetworkExtension\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An uninitialized memory issue in the kernel led to the\ndisclosure of kernel memory content. This issue was addressed through\nmemory initialization. \nCVE-ID\nCVE-2015-5831 : Maxime Villard of m00nbsd\n\nOpenSSL\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Multiple vulnerabilities in OpenSSL\nDescription: Multiple vulnerabilities existed in OpenSSL versions\nprior to 0.9.8zg. These were addressed by updating OpenSSL to version\n0.9.8zg. \nCVE-ID\nCVE-2015-0286\nCVE-2015-0287\n\nPluginKit\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious enterprise application can install extensions\nbefore the application has been trusted\nDescription: An issue existed in the validation of extensions during\ninstallation. This was addressed through improved app verification. \nCVE-ID\nCVE-2015-5837 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of\nFireEye, Inc. \n\nremovefile\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Processing malicious data may lead to unexpected application\ntermination\nDescription: An overflow fault existed in the checkint division\nroutines. This issue was addressed with improved division routines. \nCVE-ID\nCVE-2015-5840 : an anonymous researcher\n\nSafari\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A local user may be able to read Safari bookmarks on a\nlocked iOS device without a passcode\nDescription: Safari bookmark data was encrypted with a key protected\nonly by the hardware UID. This issue was addressed by encrypting the\nSafari bookmark data with a key protected by the hardware UID and the\nuser\u0027s passcode. \nCVE-ID\nCVE-2015-5903 : Jonathan Zdziarski\n\nSafari\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a malicious website may lead to user interface\nspoofing\nDescription: An issue may have allowed a website to display content\nwith a URL from a different website. This issue was addressed through\nimproved URL handling. \nCVE-ID\nCVE-2015-5904 : Erling Ellingsen of Facebook, Lukasz Pilorz\n\nSafari\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a malicious website may lead to user interface\nspoofing\nDescription: Navigating to a malicious website with a malformed\nwindow opener may have allowed the display of arbitrary URLs. This\nissue was addressed through improved handling of window openers. \nCVE-ID\nCVE-2015-5905 : Keita Haga of keitahaga.com\n\nSafari\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Users may be tracked by malicious websites using client\ncertificates\nDescription: An issue existed in Safari\u0027s client certificate\nmatching for SSL authentication. This issue was addressed through\nimproved matching of valid client certificates. \nCVE-ID\nCVE-2015-1129 : Stefan Kraus of fluid Operations AG, Sylvain Munaut\nof Whatever s.a. \n\nSafari\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a malicious website may lead to user interface\nspoofing\nDescription: Multiple user interface inconsistencies may have\nallowed a malicious website to display an arbitrary URL. These issues\nwere addressed through improved URL display logic. \nCVE-ID\nCVE-2015-5764 : Antonio Sanso (@asanso) of Adobe\nCVE-2015-5765 : Ron Masas\nCVE-2015-5767 : Krystian Kloskowski via Secunia, Masato Kinugawa\n\nSafari Safe Browsing\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Navigating to the IP address of a known malicious website\nmay not trigger a security warning\nDescription: Safari\u0027s Safe Browsing feature did not warn users when\nvisiting known malicious websites by their IP addresses. The issue\nwas addressed through improved malicious site detection. \nRahul M of TagsDoc\n\nSecurity\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious app may be able to intercept communication\nbetween apps\nDescription: An issue existed that allowed a malicious app to\nintercept URL scheme communication between apps. This was mitigated\nby displaying a dialog when a URL scheme is used for the first time. \nCVE-ID\nCVE-2015-5835 : Teun van Run of FiftyTwoDegreesNorth B.V.; XiaoFeng\nWang of Indiana University, Luyi Xing of Indiana University, Tongxin\nLi of Peking University, Tongxin Li of Peking University, Xiaolong\nBai of Tsinghua University\n\nSiri\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A person with physical access to an iOS device may be able\nto use Siri to read notifications of content that is set not to be\ndisplayed at the lock screen\nDescription: When a request was made to Siri, client side\nrestrictions were not being checked by the server. This issue was\naddressed through improved restriction checking. \nCVE-ID\nCVE-2015-5892 : Robert S Mozayeni, Joshua Donvito\n\nSpringBoard\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A person with physical access to an iOS device can reply to\nan audio message from the lock screen when message previews from the\nlock screen are disabled\nDescription: A lock screen issue allowed users to reply to audio\nmessages when message previews were disabled. This issue was\naddressed through improved state management. \nCVE-ID\nCVE-2015-5861 : Daniel Miedema of Meridian Apps\n\nSpringBoard\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious application may be able to spoof another\napplication\u0027s dialog windows\nDescription: An access issue existed with privileged API calls. This\nissue was addressed through additional restrictions. \nCVE-ID\nCVE-2015-5838 : Min (Spark) Zheng, Hui Xue, Tao (Lenx) Wei, John C.S. \nLui\n\nSQLite\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Multiple vulnerabilities in SQLite v3.8.5\nDescription: Multiple vulnerabilities existed in SQLite v3.8.5. \nThese issues were addressed by updating SQLite to version 3.8.10.2. \nCVE-ID\nCVE-2015-5895\n\ntidy\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: A memory corruption issue existed in Tidy. This issues\nwas addressed through improved memory handling. \nCVE-ID\nCVE-2015-5522 : Fernando Munoz of NULLGroup.com\nCVE-2015-5523 : Fernando Munoz of NULLGroup.com\n\nWebKit\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Object references may be leaked between isolated origins on\ncustom events, message events and pop state events\nDescription: An object leak issue broke the isolation boundary\nbetween origins. This issue was addressed through improved isolation\nbetween origins. \nCVE-ID\nCVE-2015-5827 : Gildas\n\nWebKit\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: Memory corruption issues existed in WebKit. These\nissues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-5789 : Apple\nCVE-2015-5790 : Apple\nCVE-2015-5792 : Apple\nCVE-2015-5794 : Apple\nCVE-2015-5795 : Apple\nCVE-2015-5796 : Apple\nCVE-2015-5797 : Apple\nCVE-2015-5799 : Apple\nCVE-2015-5800 : Apple\nCVE-2015-5801 : Apple\nCVE-2015-5802 : Apple\nCVE-2015-5803 : Apple\nCVE-2015-5804 : Apple\nCVE-2015-5805\nCVE-2015-5806 : Apple\nCVE-2015-5807 : Apple\nCVE-2015-5809 : Apple\nCVE-2015-5810 : Apple\nCVE-2015-5811 : Apple\nCVE-2015-5812 : Apple\nCVE-2015-5813 : Apple\nCVE-2015-5817 : Apple\nCVE-2015-5818 : Apple\nCVE-2015-5819 : Apple\nCVE-2015-5821 : Apple\n\nWebKit\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a malicious website may lead to unintended dialing\nDescription: An issue existed in handling of tel://, facetime://,\nand facetime-audio:// URLs. This issue was addressed through improved\nURL handling. \nCVE-ID\nCVE-2015-5820 : Andrei Neculaesei, Guillaume Ross\n\nWebKit\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: QuickType may learn the last character of a password in a\nfilled-in web form\nDescription: An issue existed in WebKit\u0027s handling of password input\ncontext. This issue was addressed through improved input context\nhandling. \nCVE-ID\nCVE-2015-5906 : Louis Romero of Google Inc. \n\nWebKit\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker in a privileged network position may be able to\nredirect to a malicious domain\nDescription: An issue existed in the handling of resource caches on\nsites with invalid certificates. The issue was addressed by rejecting\nthe application cache of domains with invalid certificates. \nCVE-ID\nCVE-2015-5907 : Yaoqi Jia of National University of Singapore (NUS)\n\nWebKit\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious website may exfiltrate data cross-origin\nDescription: Safari allowed cross-origin stylesheets to be loaded\nwith non-CSS MIME types which could be used for cross-origin data\nexfiltration. This issue was addressed by limiting MIME types for\ncross-origin stylesheets. \nCVE-ID\nCVE-2015-5826 : filedescriptor, Chris Evans\n\nWebKit\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: The Performance API may allow a malicious website to leak\nbrowsing history, network activity, and mouse movements\nDescription: WebKit\u0027s Performance API could have allowed a malicious\nwebsite to leak browsing history, network activity, and mouse\nmovements by measuring time. This issue was addressed by limiting\ntime resolution. \nCVE-ID\nCVE-2015-5825 : Yossi Oren et al. of Columbia University\u0027s Network\nSecurity Lab\n\nWebKit\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker in a privileged network position may be able to\nleak sensitive user information\nDescription: An issue existed with Content-Disposition headers\ncontaining type attachment. This issue was addressed by disallowing\nsome functionality for type attachment pages. \nCVE-ID\nCVE-2015-5921 : Mickey Shkatov of the Intel(r) Advanced Threat\nResearch Team, Daoyuan Wu of Singapore Management University, Rocky\nK. C. Chang of Hong Kong Polytechnic University, Lukasz Pilorz,\nsuperhei of www.knownsec.com\n\nWebKit Canvas\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a malicious website may disclose image data from\nanother website\nDescription: A cross-origin issue existed with \"canvas\" element\nimages in WebKit. This was addressed through improved tracking of\nsecurity origins. \nCVE-ID\nCVE-2015-5788 : Apple\n\nWebKit Page Loading\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: WebSockets may bypass mixed content policy enforcement\nDescription: An insufficient policy enforcement issue allowed\nWebSockets to load mixed content. This issue was addressed by\nextending mixed content policy enforcement to WebSockets. \nKevin G Jones of Higher Logic\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"9\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBCAAGBQJV+avFAAoJEBcWfLTuOo7tAOsQAKVBs+YG3HuMy0mc0rnpbRtU\n+bjdnzwBeQE6C6Fp/SlZroyYtutnPw9QoFbUpY9Kkcer08uPap6kUAcF72fD51tG\nUYmIe5WvDSMWD98pKsgDGUVfGdU1h135KpSfDgoiQrZK2GAPe2xCDupD42jIPLk2\n3qSyrYnVzfrCZ8uBk9j4gqoF5Ki6JSP/3Qm7hiPfhQXcMyQyIQ+2tJyQcSyGf5OM\nRgkmHwjIjkEb8jwwQ6h4LPMNuvqq8Kv6P4wQQeUl7RdtLJfafmFg+mV7bSmV/b28\nHk5EHQrQJ5fVl9jBFxti6aZrhrNr5yRL9yAdrpNB0rWfDN0z9emyGRrW2vli+Zv+\n0xXBZfAiNVAP53ou4gyVkLDZ+zx5lsWSADU1QWbIR2DY+WXUIN5QJ/ayFkNN9gqD\nWrFGHOc/l+Rq82uQi4ND0jTcYqhBG0MyooJf29orPA2tZeKvrcA4/6w12w6eJ7qA\naW5J+BByErqWft42I/JT3CbnK+GBEDHnj4GAeSMHuNolPNsoH5cv0G4yKigW0zLS\n81AzADTcBtKtaSD9aBAPAL6TTGUySmupF8flhHTMcpZh1MbAqo+bObMXUMvCrmST\nyq+5/R0gVuMN0BQ7adwI0akYApuqrNi/Mp9zT+JlU2wiSfaHm58Ugf8YAmc+sfjT\nrHWi1bvzskkrxRfuQ4mX\n=MnPh\n-----END PGP SIGNATURE-----\n. ============================================================================\nUbuntu Security Notice USN-2695-1\nJuly 29, 2015\n\ntidy vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nHTML Tidy could be made to crash or run programs if it processed specially\ncrafted data. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n libtidy-0.99-0 20091223cvs-1.4ubuntu0.1\n\nUbuntu 14.04 LTS:\n libtidy-0.99-0 20091223cvs-1.2ubuntu1.1\n\nUbuntu 12.04 LTS:\n libtidy-0.99-0 20091223cvs-1ubuntu2.1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-2695-1\n CVE-2015-5522, CVE-2015-5523\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/tidy/20091223cvs-1.4ubuntu0.1\n https://launchpad.net/ubuntu/+source/tidy/20091223cvs-1.2ubuntu1.1\n https://launchpad.net/ubuntu/+source/tidy/20091223cvs-1ubuntu2.1\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3309-1 security@debian.org\nhttps://www.debian.org/security/ Alessandro Ghedini\nJuly 18, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tidy\nCVE ID : CVE-2015-5522 CVE-2015-5523\nDebian Bug : 792571\n\nFernando Mu\u00f1oz discovered that invalid HTML input passed to tidy, an\nHTML syntax checker and reformatter, could trigger a buffer overflow. \n\nGeoff McLane also discovered that a similar issue could trigger an\ninteger overflow, leading to a memory allocation of 4GB. \n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 20091223cvs-1.2+deb7u1. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 20091223cvs-1.4+deb8u1. \n\nFor the unstable distribution (sid), these problems will be fixed soon. \n\nWe recommend that you upgrade your tidy packages",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5522"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004032"
},
{
"db": "BID",
"id": "75037"
},
{
"db": "VULHUB",
"id": "VHN-83483"
},
{
"db": "VULMON",
"id": "CVE-2015-5522"
},
{
"db": "PACKETSTORM",
"id": "133616"
},
{
"db": "PACKETSTORM",
"id": "132893"
},
{
"db": "PACKETSTORM",
"id": "132745"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-5522",
"trust": 3.2
},
{
"db": "BID",
"id": "75037",
"trust": 2.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2015/07/13/7",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2015/07/15/3",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2015/06/04/2",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1033703",
"trust": 1.2
},
{
"db": "JVN",
"id": "JVNVU97220341",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU99970459",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004032",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-225",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "132893",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132745",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-83483",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-5522",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133616",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83483"
},
{
"db": "VULMON",
"id": "CVE-2015-5522"
},
{
"db": "BID",
"id": "75037"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004032"
},
{
"db": "PACKETSTORM",
"id": "133616"
},
{
"db": "PACKETSTORM",
"id": "132893"
},
{
"db": "PACKETSTORM",
"id": "132745"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-225"
},
{
"db": "NVD",
"id": "CVE-2015-5522"
}
]
},
"id": "VAR-201508-0250",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-83483"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:16:41.200000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2015-09-16-1 iOS 9",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html"
},
{
"title": "APPLE-SA-2015-09-21-1 watchOS 2",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html"
},
{
"title": "APPLE-SA-2015-09-30-3 OS X El Capitan 10.11",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"title": "HT205213",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205213"
},
{
"title": "HT205267",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205267"
},
{
"title": "HT205212",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205212"
},
{
"title": "HT205212",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT205212"
},
{
"title": "HT205213",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT205213"
},
{
"title": "HT205267",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT205267"
},
{
"title": "tidy heap-buffer-overflow #217",
"trust": 0.8,
"url": "https://github.com/htacg/tidy-html5/issues/217"
},
{
"title": "HTML Tidy",
"trust": 0.8,
"url": "http://www.html-tidy.org/"
},
{
"title": "tidy_20091223cvs-1.2ubuntu1.1",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57125"
},
{
"title": "tidy_20091223cvs-1ubuntu2.1",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57124"
},
{
"title": "tidy_20091223cvs.orig",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57123"
},
{
"title": "tidy_20091223cvs-1.4ubuntu0.1",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57126"
},
{
"title": "Ubuntu Security Notice: tidy vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2695-1"
},
{
"title": "Debian CVElist Bug Report Logs: tidy: CVE-2015-5522 and CVE-2015-5523",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=74f0e26b3d5eab923ef938b4d1216ece"
},
{
"title": "Debian Security Advisories: DSA-3309-1 tidy -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=8981236793b5941e768a6fded64e230d"
},
{
"title": "Apple: OS X El Capitan v10.11",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=e88bab658248444f5dffc23fd95859e7"
},
{
"title": "afl-cve",
"trust": 0.1,
"url": "https://github.com/mrash/afl-cve "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-5522"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004032"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-225"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83483"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004032"
},
{
"db": "NVD",
"id": "CVE-2015-5522"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/75037"
},
{
"trust": 1.9,
"url": "http://www.ubuntu.com/usn/usn-2695-1"
},
{
"trust": 1.8,
"url": "https://github.com/htacg/tidy-html5/issues/217"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2015/dsa-3309"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2015/06/04/2"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2015/07/13/7"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2015/07/15/3"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00001.html"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00005.html"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00008.html"
},
{
"trust": 1.2,
"url": "https://support.apple.com/ht205212"
},
{
"trust": 1.2,
"url": "https://support.apple.com/ht205213"
},
{
"trust": 1.2,
"url": "https://support.apple.com/ht205267"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1033703"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5522"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu99970459/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu97220341/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5522"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5522"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5523"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2695-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=41307"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5800"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5765"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5802"
},
{
"trust": 0.1,
"url": "https://www.knownsec.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5795"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5788"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5799"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8146"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5797"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5794"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1129"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5791"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-3951"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1205"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://www.safeye.org)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5793"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5764"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8611"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5801"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5796"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5790"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3801"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5792"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5767"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5748"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/tidy/20091223cvs-1ubuntu2.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/tidy/20091223cvs-1.4ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/tidy/20091223cvs-1.2ubuntu1.1"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83483"
},
{
"db": "VULMON",
"id": "CVE-2015-5522"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004032"
},
{
"db": "PACKETSTORM",
"id": "133616"
},
{
"db": "PACKETSTORM",
"id": "132893"
},
{
"db": "PACKETSTORM",
"id": "132745"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-225"
},
{
"db": "NVD",
"id": "CVE-2015-5522"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-83483"
},
{
"db": "VULMON",
"id": "CVE-2015-5522"
},
{
"db": "BID",
"id": "75037"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004032"
},
{
"db": "PACKETSTORM",
"id": "133616"
},
{
"db": "PACKETSTORM",
"id": "132893"
},
{
"db": "PACKETSTORM",
"id": "132745"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-225"
},
{
"db": "NVD",
"id": "CVE-2015-5522"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-08-11T00:00:00",
"db": "VULHUB",
"id": "VHN-83483"
},
{
"date": "2015-08-11T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5522"
},
{
"date": "2015-06-04T00:00:00",
"db": "BID",
"id": "75037"
},
{
"date": "2015-08-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004032"
},
{
"date": "2015-09-19T15:18:18",
"db": "PACKETSTORM",
"id": "133616"
},
{
"date": "2015-08-03T01:13:50",
"db": "PACKETSTORM",
"id": "132893"
},
{
"date": "2015-07-20T15:46:19",
"db": "PACKETSTORM",
"id": "132745"
},
{
"date": "2015-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-225"
},
{
"date": "2015-08-11T14:59:14.307000",
"db": "NVD",
"id": "CVE-2015-5522"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-08T00:00:00",
"db": "VULHUB",
"id": "VHN-83483"
},
{
"date": "2016-12-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5522"
},
{
"date": "2015-11-03T19:53:00",
"db": "BID",
"id": "75037"
},
{
"date": "2015-10-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004032"
},
{
"date": "2015-08-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-225"
},
{
"date": "2024-11-21T02:33:11.940000",
"db": "NVD",
"id": "CVE-2015-5522"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "132745"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-225"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "tidy of lexer.c of ParseValue Heap-based buffer overflow vulnerability in functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004032"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-225"
}
],
"trust": 0.6
}
}
gsd-2015-5522
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-5522",
"description": "Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.",
"id": "GSD-2015-5522",
"references": [
"https://www.suse.com/security/cve/CVE-2015-5522.html",
"https://www.debian.org/security/2015/dsa-3309",
"https://ubuntu.com/security/CVE-2015-5522"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-5522"
],
"details": "Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.",
"id": "GSD-2015-5522",
"modified": "2023-12-13T01:20:06.641726Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5522",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033703",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033703"
},
{
"name": "[oss-security] 20150713 Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/07/13/7"
},
{
"name": "https://support.apple.com/HT205212",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205212"
},
{
"name": "APPLE-SA-2015-09-30-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"name": "[oss-security] 20150604 CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/04/2"
},
{
"name": "USN-2695-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2695-1"
},
{
"name": "https://support.apple.com/HT205267",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205267"
},
{
"name": "DSA-3309",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3309"
},
{
"name": "APPLE-SA-2015-09-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html"
},
{
"name": "https://github.com/htacg/tidy-html5/issues/217",
"refsource": "CONFIRM",
"url": "https://github.com/htacg/tidy-html5/issues/217"
},
{
"name": "https://support.apple.com/HT205213",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205213"
},
{
"name": "75037",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75037"
},
{
"name": "APPLE-SA-2015-09-16-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html"
},
{
"name": "[oss-security] 20150714 Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/07/15/3"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:htacg:tidy:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.9.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.6.8",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5522"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150604 CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"refsource": "MLIST",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/04/2"
},
{
"name": "https://github.com/htacg/tidy-html5/issues/217",
"refsource": "CONFIRM",
"tags": [
"Exploit"
],
"url": "https://github.com/htacg/tidy-html5/issues/217"
},
{
"name": "USN-2695-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2695-1"
},
{
"name": "[oss-security] 20150714 Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"refsource": "MLIST",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/07/15/3"
},
{
"name": "DSA-3309",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3309"
},
{
"name": "[oss-security] 20150713 Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow",
"refsource": "MLIST",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/07/13/7"
},
{
"name": "APPLE-SA-2015-09-16-1",
"refsource": "APPLE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html"
},
{
"name": "https://support.apple.com/HT205212",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205212"
},
{
"name": "https://support.apple.com/HT205267",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205267"
},
{
"name": "APPLE-SA-2015-09-30-3",
"refsource": "APPLE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"name": "APPLE-SA-2015-09-21-1",
"refsource": "APPLE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html"
},
{
"name": "https://support.apple.com/HT205213",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205213"
},
{
"name": "75037",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/75037"
},
{
"name": "1033703",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1033703"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2016-12-08T03:10Z",
"publishedDate": "2015-08-11T14:59Z"
}
}
}
fkie_cve-2015-5522
Vulnerability from fkie_nvd
Published
2015-08-11 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| htacg | tidy | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| apple | iphone_os | * | |
| apple | mac_os_x | * | |
| apple | watchos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:htacg:tidy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0F4152-4A31-452F-A45C-E9F2D8A2A1AB",
"versionEndIncluding": "4.9.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0340315-35F7-4736-854B-852916D00673",
"versionEndIncluding": "8.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A0EBC0-73C1-4640-90AD-4371D1C0D09F",
"versionEndIncluding": "10.6.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCBD0D8B-CD44-4B09-834F-F640546DFED4",
"versionEndIncluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en memoria din\u00e1mica en la funci\u00f3n ParseValue en lexer.c en tidy en versiones anteriores a 4.9.31, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de vectores implicando un car\u00e1cter de comando en un href."
}
],
"id": "CVE-2015-5522",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-08-11T14:59:14.307",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3309"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/04/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/07/13/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/07/15/3"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75037"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1033703"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2695-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://github.com/htacg/tidy-html5/issues/217"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205212"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205213"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3309"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/04/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/07/13/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/07/15/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2695-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://github.com/htacg/tidy-html5/issues/217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205212"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205267"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cnvd-2015-03819
Vulnerability from cnvd
Title: Tidy ‘tmbstr.c’堆缓冲区溢出漏洞
Description:
Tidy是一个用于纠正和清理HTML文件的错误及整齐排列代码的软件及函式库。
Tidy存在堆缓冲区溢出漏洞,允许攻击者可利用漏洞使应用程序崩溃或执行任意代码。
Severity: 高
Patch Name: Tidy ‘tmbstr.c’堆缓冲区溢出漏洞的补丁
Patch Description:
Tidy是一个用于纠正和清理HTML文件的错误及整齐排列代码的软件及函式库。
Tidy存在堆缓冲区溢出漏洞,允许攻击者可利用漏洞使应用程序崩溃或执行任意代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞: http://tidy.sourceforge.net/
Reference: http://www.securityfocus.com/bid/75037
Impacted products
| Name | Sourceforge Tidy |
|---|
{
"bids": {
"bid": {
"bidNumber": "75037"
}
},
"cves": {
"cve": [
{
"cveNumber": "CVE-2015-5522"
},
{
"cveNumber": "CVE-2015-5523"
}
]
},
"description": "Tidy\u662f\u4e00\u4e2a\u7528\u4e8e\u7ea0\u6b63\u548c\u6e05\u7406HTML\u6587\u4ef6\u7684\u9519\u8bef\u53ca\u6574\u9f50\u6392\u5217\u4ee3\u7801\u7684\u8f6f\u4ef6\u53ca\u51fd\u5f0f\u5e93\u3002\r\n\r\nTidy\u5b58\u5728\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
"discovererName": "Fernando Mu\u00c3\u00b1oz",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://tidy.sourceforge.net/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2015-03819",
"openTime": "2015-06-17",
"patchDescription": "Tidy\u662f\u4e00\u4e2a\u7528\u4e8e\u7ea0\u6b63\u548c\u6e05\u7406HTML\u6587\u4ef6\u7684\u9519\u8bef\u53ca\u6574\u9f50\u6392\u5217\u4ee3\u7801\u7684\u8f6f\u4ef6\u53ca\u51fd\u5f0f\u5e93\u3002\r\n\r\nTidy\u5b58\u5728\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Tidy \u2018tmbstr.c\u2019\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Sourceforge Tidy"
},
"referenceLink": "http://www.securityfocus.com/bid/75037",
"serverity": "\u9ad8",
"submitTime": "2015-06-11",
"title": "Tidy \u2018tmbstr.c\u2019\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
ghsa-wp28-phrj-p6rh
Vulnerability from github
Published
2022-05-17 03:22
Modified
2022-05-17 03:22
VLAI Severity ?
Details
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.
{
"affected": [],
"aliases": [
"CVE-2015-5522"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-08-11T14:59:00Z",
"severity": "MODERATE"
},
"details": "Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.",
"id": "GHSA-wp28-phrj-p6rh",
"modified": "2022-05-17T03:22:38Z",
"published": "2022-05-17T03:22:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5522"
},
{
"type": "WEB",
"url": "https://github.com/htacg/tidy-html5/issues/217"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT205212"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT205213"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT205267"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3309"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2015/06/04/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2015/07/13/7"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2015/07/15/3"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/75037"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1033703"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2695-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…