var-201103-0291
Vulnerability from variot

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information. plural Apple Product LIBTIFF Is libtiff/tif_fax3.h. libTIFF is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. NOTE: This BID was previously titled 'Apple iTunes libTIFF CCITT Group 4 Encoded TIFF Image Buffer Overflow Vulnerability' but has been changed to better reflect the affected library. Note (March 30, 2011): This issue has not been patched as expected. This library contains some command line tools for working with TIFF files. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


Debian Security Advisory DSA-2210-2 security@debian.org http://www.debian.org/security/ Luciano Bello June 25, 2011 http://www.debian.org/security/faq


Package : tiff Vulnerability : several Problem type : local (remote) Debian-specific: no CVE ID : CVE-2011-0191 CVE-2011-0192 CVE-2011-1167 Debian Bug : 619614 630042

The recent tiff update DSA-2210-1 introduced a regression that could lead to encoding problems of tiff files. This issue affects the Debian 5.0 Lenny package only.

For the oldstable distribution (lenny), this problem has been fixed in version 3.8.2-11.5.

For the stable distribution (squeeze), this problem has been fixed in version 3.9.4-5+squeeze3.

For the testing distribution (wheezy), this problem has been fixed in version 3.9.5-1.

For the unstable distribution (sid), this problem has been fixed in version 3.9.5-1.

We recommend that you upgrade your tiff packages. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-1085-2 March 15, 2011 tiff regression https://launchpad.net/bugs/731540 ===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.10 Ubuntu 10.04 LTS Ubuntu 10.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS: libtiff4 3.7.4-1ubuntu3.10

Ubuntu 8.04 LTS: libtiff4 3.8.2-7ubuntu3.8

Ubuntu 9.10: libtiff4 3.8.2-13ubuntu0.5

Ubuntu 10.04 LTS: libtiff4 3.9.2-2ubuntu0.5

Ubuntu 10.10: libtiff4 3.9.4-2ubuntu0.2

After a standard system update you need to restart your session to make all the necessary changes.

Details follow:

USN-1085-1 fixed vulnerabilities in the system TIFF library. The upstream fixes were incomplete and created problems for certain CCITTFAX4 files.

We apologize for the inconvenience.

Original advisory details:

Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS and 10.10. (CVE-2010-2482)

Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF files with an invalid combination of SamplesPerPixel and Photometric values. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service. This issue only affected Ubuntu 10.10. (CVE-2010-2482)

Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled invalid ReferenceBlackWhite values. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service. (CVE-2010-2595)

Sauli Pahlman discovered that the TIFF library incorrectly handled certain default fields. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service. (CVE-2010-2597, CVE-2010-2598)

It was discovered that the TIFF library incorrectly validated certain data types. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service. (CVE-2010-2630)

It was discovered that the TIFF library incorrectly handled downsampled JPEG data. This issue only affected Ubuntu 10.04 LTS and 10.10. (CVE-2010-3087)

It was discovered that the TIFF library incorrectly handled certain JPEG data. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS and 9.10. (CVE-2011-0191)

It was discovered that the TIFF library incorrectly handled certain TIFF FAX images. (CVE-2011-0191)

Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.10.diff.gz
  Size/MD5:    24707 92ee677a20237cfdb17b5dcbe024fc81
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.10.dsc
  Size/MD5:     1445 19186c480eda8ade1d4fd194a7e08bf6
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4.orig.tar.gz
  Size/MD5:  1280113 02cf5c3820bda83b35bb35b45ae27005

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_amd64.deb
  Size/MD5:   220784 7b8f336c5190b816fb92f498b30755c9
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_amd64.deb
  Size/MD5:   283278 2633a7f81897814f7bddb303f6952b34
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_amd64.deb
  Size/MD5:   488554 bd11ebd5ae319660ec0eff4f22b55268
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_amd64.deb
  Size/MD5:    45210 2d75169ed1d84f4907d505780123691d
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_amd64.deb
  Size/MD5:    50372 d606202ec431cee4d43658887b7c53f7

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_i386.deb
  Size/MD5:   206424 d346905ce628f3b5afdfe1a4b5e46ee8
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_i386.deb
  Size/MD5:   260146 f8a0af4bb2a87fab5833e8bea85b4179
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_i386.deb
  Size/MD5:   462812 81f1884d1f83fbc7cf670233e79e464b
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_i386.deb
  Size/MD5:    45144 047a98941044eb476ff601a50a94cb97
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_i386.deb
  Size/MD5:    49650 0298317461310597a873c28bbe6c9c2d

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_powerpc.deb
  Size/MD5:   240378 8f832fa2e7ca2122ea17b8440db407a3
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_powerpc.deb
  Size/MD5:   289250 7118c8a2b9ee67fb759d89631b80ec33
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_powerpc.deb
  Size/MD5:   477164 46d81e5cca275c4f9fa490bccf5e1b54
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_powerpc.deb
  Size/MD5:    47366 8f493b29a1c6af1ede1ae20bb340542e
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_powerpc.deb
  Size/MD5:    52018 9cbc82320c0fb9160a55d9e966935308

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_sparc.deb
  Size/MD5:   209294 1c075ff5d8fe054cfbe59767156f2b12
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_sparc.deb
  Size/MD5:   271226 083721bbf42b3a9c2ba0619725cdea1c
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_sparc.deb
  Size/MD5:   467842 244140481e39cbae1caeea1cbc7242fb
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_sparc.deb
  Size/MD5:    45072 0ecf1aa2519fd0f70a54e97299a9a2aa
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_sparc.deb
  Size/MD5:    50206 1fd3434ab16f251802c05e69b2ec4172

Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.8.diff.gz
  Size/MD5:    23098 1ee89aac13034400cc5f65bc82350576
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.8.dsc
  Size/MD5:     1534 db81aff18857a6a792e8e3d9f6419c25
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz
  Size/MD5:  1333780 e6ec4ab957ef49d5aabc38b7a376910b

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_amd64.deb
  Size/MD5:   186052 117b7fef507321d3b40f31e82121d65c
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_amd64.deb
  Size/MD5:   583498 356ff0e0f3fa15764371a8d0ffbd2574
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_amd64.deb
  Size/MD5:   132044 f21e514b5f9ffa5e083d48e3ff2876be
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_amd64.deb
  Size/MD5:     5060 bd0be2af72fb9789ef27a5cf3445a960
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_amd64.deb
  Size/MD5:    10482 a49a0b07d12a18248a56d1c64322687b

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_i386.deb
  Size/MD5:   175314 d510325b149f2106114857e9cd1887a1
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_i386.deb
  Size/MD5:   552824 044e167a1106988f710d4b26cd480c13
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_i386.deb
  Size/MD5:   123468 8c41a5b4deb4daf59a27aa18bafc2a33
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_i386.deb
  Size/MD5:     5044 221fabdeb10a45b0e39b30fcd9876d57
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_i386.deb
  Size/MD5:     9934 139ed154385849ed4a76c21f14d1824c

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_lpia.deb
  Size/MD5:   177010 f861eceecd6f08085a7e66038b28d148
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_lpia.deb
  Size/MD5:   555294 27b3f40726cd5cf866dd80b5fb5f652d
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_lpia.deb
  Size/MD5:   124582 a101756bd948bc2d526bbb3793655c46
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_lpia.deb
  Size/MD5:     4916 0fde80306a67eb766b878040048003fa
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_lpia.deb
  Size/MD5:     9976 36fdc7a9337f4a5391a5d951624775df

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_powerpc.deb
  Size/MD5:   223488 04f35d447aa797b255c249719f467896
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_powerpc.deb
  Size/MD5:   577476 53e4f31126ecae60b54a2614c29a02ef
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_powerpc.deb
  Size/MD5:   135174 24d5e5f4e4903eae9ba2b4163eb0ab44
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_powerpc.deb
  Size/MD5:     7512 a361eb4c3985a90189342aced3932676
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_powerpc.deb
  Size/MD5:    13288 2f458ba98bbf136958d2a8cdc87a83ab

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_sparc.deb
  Size/MD5:   178860 d48dc98bba2aaaf1830ad3a9d69b99db
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_sparc.deb
  Size/MD5:   558838 c9ffd065811bf117f5c57dae82c4173b
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_sparc.deb
  Size/MD5:   123254 e11f44522f5cef8b3f4a8a633be5437d
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_sparc.deb
  Size/MD5:     4796 498f87c694b19560fe59ee3afb605af4
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_sparc.deb
  Size/MD5:    10700 5bb66a32a926f8fbd1a5b864a3d88cd7

Updated packages for Ubuntu 9.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.5.diff.gz
  Size/MD5:    43070 e8b35ecf046a7c3619e1d9929de8b830
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.5.dsc
  Size/MD5:     1978 d8a8180b56ba05c422d4b443afb1d44e
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz
  Size/MD5:  1333780 e6ec4ab957ef49d5aabc38b7a376910b

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.8.2-13ubuntu0.5_all.deb
  Size/MD5:   348112 a84bc452f3a0eea39c87ac3ac744112c

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_amd64.deb
  Size/MD5:   191416 300ef146f5155ff8ccdf51e8a684ff34
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_amd64.deb
  Size/MD5:   252426 b78ec6fcac494ac67fb4b357632dace3
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_amd64.deb
  Size/MD5:   135940 d3f0cb6e3491b6d335e905ddb2139dfc
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_amd64.deb
  Size/MD5:     6332 b7da9edb5b42f9c08596a6b1966cb6e0
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_amd64.deb
  Size/MD5:    12004 3107c05e0644d55184c568fbd205c8d4

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_i386.deb
  Size/MD5:   176368 b2b0a5ed89fa9405dea1a1944bf4e606
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_i386.deb
  Size/MD5:   232588 71573f111b56ed24c2bb95e70cf24950
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_i386.deb
  Size/MD5:   125002 9127f1c5991d7bebf346d7996aa05549
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_i386.deb
  Size/MD5:     6446 8535ecbdf277f311afe69e053e7027eb
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_i386.deb
  Size/MD5:    11292 21192b1ec3a90204f70ac7e715f6ef94

armel architecture (ARM Architecture):

http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_armel.deb
  Size/MD5:   182752 27e8c1ba005bb913056725f27afed10b
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_armel.deb
  Size/MD5:   233860 7bb2dfcf30084a32cfda47150de12820
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_armel.deb
  Size/MD5:   124716 5bf3991de9df681e72aeb2b9cb0157e3
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_armel.deb
  Size/MD5:     5966 f7269719e2c4b9f44abb54ea640452b9
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_armel.deb
  Size/MD5:    11160 213b7115f391a62a039e86bd2aed21e3

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_lpia.deb
  Size/MD5:   177048 6f228aae0027ce228001ab1e03c1420f
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_lpia.deb
  Size/MD5:   234412 2be52c2f11d51dc60ebd6358921ed539
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_lpia.deb
  Size/MD5:   126608 5b98943322e5546def050c29f0137c51
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_lpia.deb
  Size/MD5:     6312 9dfcffd32f1aa8e42e6e5f94c8171333
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_lpia.deb
  Size/MD5:    11340 69f92d56438e597d2733cca9fe192e09

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_powerpc.deb
  Size/MD5:   191484 3af0b1c5f8e037c97831d2321c144069
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_powerpc.deb
  Size/MD5:   256554 94513c2b20ec5e2206d5b5476ac4b6e1
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_powerpc.deb
  Size/MD5:   137434 0dd8d58ca4136b26395ec9619352cbf4
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_powerpc.deb
  Size/MD5:     6724 752b5398be235d406db9b0070c8b4bcc
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_powerpc.deb
  Size/MD5:    12080 857d09fbe80934ec33149da04cf5b4fe

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_sparc.deb
  Size/MD5:   184288 a83a8a638af348c50d3bb64a2c0490e4
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_sparc.deb
  Size/MD5:   237164 9a5c6358c6c65dfc8e5154f79c5937a1
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_sparc.deb
  Size/MD5:   125062 2e70ed4b0b98f15d9b6d4d1aa2c223fe
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_sparc.deb
  Size/MD5:     6096 e374e39bdeb2b16f8944713dc6b59ec2
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_sparc.deb
  Size/MD5:    12036 3bd0ece44e01a49c32decff3d318bcc3

Updated packages for Ubuntu 10.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.5.diff.gz
  Size/MD5:    20142 b939eddaecc09a223f750ddc9ec300a7
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.5.dsc
  Size/MD5:     1974 0ab3539d8af96ca2ca23c1d74d79e8c6
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2.orig.tar.gz
  Size/MD5:  1419742 93e56e421679c591de7552db13384cb8

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.2-2ubuntu0.5_all.deb
  Size/MD5:   359126 ddf2cb68732e7fd96ea2078ce0ad4742

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_amd64.deb
  Size/MD5:   250490 975aec44c621ff1e524a7d0c344c461d
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_amd64.deb
  Size/MD5:   269922 24ffd793f4f4cab1c419281358f95b06
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_amd64.deb
  Size/MD5:   149244 8de4b36f57fd254339472d92d58df436
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_amd64.deb
  Size/MD5:     6384 dd647e2d96b24485c9a3d512568a33e8
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_amd64.deb
  Size/MD5:    12028 f312a06be417327ccaab3bc83fce43ee

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_i386.deb
  Size/MD5:   234120 b80a26f6acbf41fc2835dea7be97d332
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_i386.deb
  Size/MD5:   246962 2aced2d3476f07034714c32581451fca
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_i386.deb
  Size/MD5:   136750 9e662029ab9932f9bb5cf551c9a25c70
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_i386.deb
  Size/MD5:     6486 588d1bff01cbec45eefbfb25864b48c7
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_i386.deb
  Size/MD5:    11282 028b976bcc83292a2a436961a26cff1b

armel architecture (ARM Architecture):

http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_armel.deb
  Size/MD5:   237816 b1bb7396d24ca82d5a72012e7f5902df
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_armel.deb
  Size/MD5:   238800 82ec468a735c037f758424ee05ab0eda
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_armel.deb
  Size/MD5:   129636 b6277537fd8ca0a7258d156b8185fc6c
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_armel.deb
  Size/MD5:     5980 5ee322e0d78f7f440501872a91e78c98
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_armel.deb
  Size/MD5:    11300 c0120b282e1fa3c9922b9218a1d86271

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_powerpc.deb
  Size/MD5:   253514 208b8a67298bb8435b790579c2369258
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_powerpc.deb
  Size/MD5:   275256 4ccb314e621e464c06a709fbd7632384
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_powerpc.deb
  Size/MD5:   150724 4787f755ef29dd7198699c9456ca5fd0
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_powerpc.deb
  Size/MD5:     6770 759c330d4a755d3d217ca8afef8cb191
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_powerpc.deb
  Size/MD5:    12092 86dd9f88b6d3f4e3f7ee0c3f98ce4448

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_sparc.deb
  Size/MD5:   248776 0e081f6795686de636fdb537d0da0af3
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_sparc.deb
  Size/MD5:   257346 b1cb2500a7b1ada561852e12546279a4
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_sparc.deb
  Size/MD5:   143484 b24ccd56b9eee79c062d8a1e13e65326
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_sparc.deb
  Size/MD5:     6226 28e807e1ae69640a7e0a35ea79b8913a
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_sparc.deb
  Size/MD5:    11922 1acad867116630bb02cf53831f49fb91

Updated packages for Ubuntu 10.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.2.debian.tar.gz
  Size/MD5:    18124 6b91f60b7bc92c8f0710f4088c1f38f3
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.2.dsc
  Size/MD5:     1991 020c2a94b61792b09f6d01752f2c7f5d
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4.orig.tar.gz
  Size/MD5:  1436968 2006c1bdd12644dbf02956955175afd6

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.4-2ubuntu0.2_all.deb
  Size/MD5:   342928 4d7df4c971ba92ab11d738820853fcc4

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_amd64.deb
  Size/MD5:   248246 dd83a166330ad6268952b8e49f075012
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_amd64.deb
  Size/MD5:   270788 73525f6754327725fd2e93fe1fc0e4fb
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_amd64.deb
  Size/MD5:   149490 2da1a59a5a933e822256d2b6d89454c6
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_amd64.deb
  Size/MD5:     6310 b566e3ac1e893179519b2596798ad492
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_amd64.deb
  Size/MD5:    11806 a523fb6ef9ac518e5869fdc9bd72d937

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_i386.deb
  Size/MD5:   230148 a676650de4cfea04a7bfd000de0da151
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_i386.deb
  Size/MD5:   247138 95194c2ea2ab0ca87e6b8867dae07385
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_i386.deb
  Size/MD5:   136668 f0931de0028f3538f92ef2547cde7bba
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_i386.deb
  Size/MD5:     6424 ad458d476aa6df65bfaec35f5cba9c0b
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_i386.deb
  Size/MD5:    11144 efd76c12cc9f9df3ba719e8f073a6bfa

armel architecture (ARM Architecture):

http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_armel.deb
  Size/MD5:   256880 6aedba603449a04715b504caac95ed22
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_armel.deb
  Size/MD5:   271424 0587dc26b90416181bb71f0ee0acbed3
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_armel.deb
  Size/MD5:   151800 0a97a3959787ce6e4d4a60db21f4bd19
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_armel.deb
  Size/MD5:     5844 6efde8a677921feabc6dd5156181d72a
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_armel.deb
  Size/MD5:    11228 9e354f5270bc717488682dfc4712e74a

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_powerpc.deb
  Size/MD5:   250366 6fa58ac5fb03e3b6866499f53cb3e79d
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_powerpc.deb
  Size/MD5:   275860 d4f92d8330e793d8056e4bc5c180fba9
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_powerpc.deb
  Size/MD5:   150712 c47116bbde1de23b39bd86ce6733e033
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_powerpc.deb
  Size/MD5:     6702 d9524527cbcbd6b38cb782d73adbdc3b
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_powerpc.deb
  Size/MD5:    11962 a31983d4e49adaa4fa0321c16105bae3

. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201209-02


                                        http://security.gentoo.org/

Severity: Normal Title: libTIFF: Multiple vulnerabilities Date: September 23, 2012 Bugs: #307001, #324885, #357271, #359871, #371308, #410931, #422673, #427166 ID: 201209-02


Synopsis

Multiple vulnerabilities in libTIFF could result in execution of arbitrary code or Denial of Service.

Background

libTIFF provides support for reading and manipulating TIFF (Tagged Image File Format) images.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 media-libs/tiff < 4.0.2-r1 *>= 3.9.5-r2 >= 4.0.2-r1

Description

Multiple vulnerabilities have been discovered in libTIFF. Please review the CVE identifiers referenced below for details.

Workaround

There is no known workaround at this time.

Resolution

All libTIFF 4.0 users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/tiff-4.0.2-r1"

All libTIFF 3.9 users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/tiff-3.9.5-r2"

References

[ 1 ] CVE-2009-2347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2347 [ 2 ] CVE-2009-5022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5022 [ 3 ] CVE-2010-1411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1411 [ 4 ] CVE-2010-2065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2065 [ 5 ] CVE-2010-2067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2067 [ 6 ] CVE-2010-2233 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2233 [ 7 ] CVE-2010-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2443 [ 8 ] CVE-2010-2481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2481 [ 9 ] CVE-2010-2482 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2482 [ 10 ] CVE-2010-2483 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2483 [ 11 ] CVE-2010-2595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2595 [ 12 ] CVE-2010-2596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2596 [ 13 ] CVE-2010-2597 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2597 [ 14 ] CVE-2010-2630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2630 [ 15 ] CVE-2010-2631 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2631 [ 16 ] CVE-2010-3087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3087 [ 17 ] CVE-2010-4665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4665 [ 18 ] CVE-2011-0192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0192 [ 19 ] CVE-2011-0192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0192 [ 20 ] CVE-2011-1167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1167 [ 21 ] CVE-2011-1167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1167 [ 22 ] CVE-2012-1173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1173 [ 23 ] CVE-2012-2088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2088 [ 24 ] CVE-2012-2113 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2113 [ 25 ] CVE-2012-3401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3401

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-02.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us.

License

Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

APPLE-SA-2011-10-12-1 iOS 5 Software Update

iOS 5 Software Update is now available and addresses the following:

CalDAV Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information from a CalDAV calendar server Description: CalDAV did not check that the SSL certificate presented by the server was trusted. CVE-ID CVE-2011-3253 : Leszek Tasiemski of nSense

Calendar Available for: iOS 4.2.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 4.2.0 through 4.3.5 for iPod touch (3rd generation) and later, iOS 4.2.0 through 4.3.5 for iPad Impact: Viewing a maliciously crafted calendar invitation may inject script in the local domain Description: A script injection issue existed in Calendar's handling of invitation notes. This issue is addressed through improved escaping of special characters in invitation notes. This issues does not affect devices prior to iOS 4.2.0. CVE-ID CVE-2011-3254 : Rick Deacon

CFNetwork Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: User's AppleID password may be logged to a local file Description: A user's AppleID password and username were logged to a file that was readable by applications on the system. This is resolved by no longer logging these credentials. CVE-ID CVE-2011-3255 : Peter Quade of qdevelop

CFNetwork Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of HTTP cookies. When accessing a maliciously crafted HTTP or HTTPS URL, CFNetwork could incorrectly send the cookies for a domain to a server outside that domain. CVE-ID CVE-2011-3246 : Erling Ellingsen of Facebook

CoreFoundation Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Viewing a maliciously crafted website or e-mail message may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in CoreFoundation's handling of string tokenization. CVE-ID CVE-2011-0259 : Apple

CoreGraphics Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Viewing a document containing a maliciously crafted font may lead to arbitrary code execution Description: Multiple memory corruption existed in freetype, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. CVE-ID CVE-2011-3256 : Apple

CoreMedia Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to the disclosure of video data from another site Description: A cross-origin issue existed in CoreMedia's handling of cross-site redirects. This issue is addressed through improved origin tracking. CVE-ID CVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR)

Data Access Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An exchange mail cookie management issue could incorrectly cause data synchronization across different accounts Description: When multiple mail exchange accounts are configured which connect to the same server, a session could potentially receive a valid cookie corresponding to a different account. This issue is addressed by ensuring that cookies are separated across different accounts. CVE-ID CVE-2011-3257 : Bob Sielken of IBM

Data Security Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: Fraudulent certificates were issued by multiple certificate authorities operated by DigiNotar. This issue is addressed by removing DigiNotar from the list of trusted root certificates, from the list of Extended Validation (EV) certificate authorities, and by configuring default system trust settings so that DigiNotar's certificates, including those issued by other authorities, are not trusted.

Data Security Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Support for X.509 certificates with MD5 hashes may expose users to spoofing and information disclosure as attacks improve Description: Certificates signed using the MD5 hash algorithm were accepted by iOS. This algorithm has known cryptographic weaknesses. Further research or a misconfigured certificate authority could have allowed the creation of X.509 certificates with attacker controlled values that would have been trusted by the system. This would have exposed X.509 based protocols to spoofing, man in the middle attacks, and information disclosure. This update disables support for an X.509 certificate with an MD5 hash for any use other than as a trusted root certificate. CVE-ID CVE-2011-3427

Data Security Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker could decrypt part of a SSL connection Description: Only the SSLv3 and TLS 1.0 versions of SSL were supported. These versions are subject to a protocol weakness when using block ciphers. A man-in-the-middle attacker could have injected invalid data, causing the connection to close but revealing some information about the previous data. If the same connection was attempted repeatedly the attacker may eventually have been able to decrypt the data being sent, such as a password. This issue is addressed by adding support for TLS 1.2. CVE-ID CVE-2011-3389

Home screen Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Switching between applications may lead to the disclosure of sensitive application information Description: When switching between applications with the four- finger app switching gesture, the display could have revealed the previous application state. This issue is addressed by ensuring that the system properly calls the applicationWillResignActive: method when transitioning between applications. CVE-ID CVE-2011-3431 : Abe White of Hedonic Software Inc. CVE-ID CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies

International Components for Unicode Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A buffer overflow issue existed in ICU's generation of collation keys for long strings of mostly uppercase letters. CVE-ID CVE-2011-0206 : David Bienvenu of Mozilla

Kernel Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A remote attacker may cause a device reset Description: The kernel failed to promptly reclaim memory from incomplete TCP connections. An attacker with the ability to connect to a listening service on an iOS device could exhaust system resources. CVE-ID CVE-2011-3259 : Wouter van der Veer of Topicus I&I, and Josh Enders

Kernel Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A local user may be able to cause a system reset Description: A null dereference issue existed in the handling of IPV6 socket options. CVE-ID CVE-2011-1132 : Thomas Clement of Intego

Keyboards Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A user may be able to determine information about the last character of a password Description: The keyboard used to type the last character of a password was briefly displayed the next time the keyboard was used. CVE-ID CVE-2011-3245 : Paul Mousdicas

libxml Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A one-byte heap buffer overflow existed in libxml's handling of XML data. CVE-ID CVE-2011-0216 : Billy Rios of the Google Security Team

OfficeImport Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Viewing a maliciously crafted Word file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in OfficeImport's handling of Microsoft Word documents. CVE-ID CVE-2011-3260 : Tobias Klein working with Verisign iDefense Labs

OfficeImport Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Viewing a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution Description: A double free issue existed in OfficeImport's handling of Excel files. CVE-ID CVE-2011-3261 : Tobias Klein of www.trapkit.de

OfficeImport Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in OfficeImport's handling of Microsoft Office files. CVE-ID CVE-2011-0208 : Tobias Klein working with iDefense VCP

OfficeImport Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Downloading a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in OfficeImport's handling of Excel files. CVE-ID CVE-2011-0184 : Tobias Klein working with iDefense VCP

Safari Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Opening maliciously crafted files on certain websites may lead to a cross-site scripting attack Description: iOS did not support the 'attachment' value for the HTTP Content-Disposition header. This header is used by many websites to serve files that were uploaded to the site by a third-party, such as attachments in web-based e-mail applications. Any script in files served with this header value would run as if the file had been served inline, with full access to other resources on the origin server. This issue is addressed by loading attachments in an isolated security origin with no access to resources on other sites. CVE-ID CVE-2011-3426 : Christian Matthies working with iDefense VCP, Yoshinori Oota from Business Architects Inc working with JP/CERT

Settings Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker with physical access to a device may be able to recover the restrictions passcode Description: The parental restrictions functionality enforces UI restrictions. Configuring parental restrictions is protected by a passcode, which was previously stored in plaintext on disk. This issue is addressed by securely storing the parental restrictions passcode in the system keychain. CVE-ID CVE-2011-3429 : an anonymous reporter

Settings Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Misleading UI Description: Configurations and settings applied via configuration profiles did not appear to function properly under any non-English language. Settings could be improperly displayed as a result. This issue is addressed by fixing a localization error. CVE-ID CVE-2011-3430 : Florian Kreitmaier of Siemens CERT

UIKit Alerts Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a malicious website may cause an unexpected device hang Description: An excessive maximum text layout length permitted malicious websites to cause iOS to hang when drawing acceptance dialogs for very long tel: URIs. This issue is addressed by using a more reasonable maximum URI size. CVE-ID CVE-2011-3432 : Simon Young of Anglia Ruskin University

WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. CVE-ID CVE-2011-0218 : SkyLined of Google Chrome Security Team CVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS Research Team, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative CVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0234 : Rob King working with TippingPoint's Zero Day Initiative, wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0238 : Adam Barth of Google Chrome Security Team CVE-2011-0254 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0255 : An anonymous reporter working with TippingPoint's Zero Day Initiative CVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc CVE-2011-0983 : Martin Barbella CVE-2011-1109 : Sergey Glazunov CVE-2011-1114 : Martin Barbella CVE-2011-1115 : Martin Barbella CVE-2011-1117 : wushi of team509 CVE-2011-1121 : miaubiz CVE-2011-1188 : Martin Barbella CVE-2011-1203 : Sergey Glazunov CVE-2011-1204 : Sergey Glazunov CVE-2011-1288 : Andreas Kling of Nokia CVE-2011-1293 : Sergey Glazunov CVE-2011-1296 : Sergey Glazunov CVE-2011-1449 : Marek Majkowski CVE-2011-1451 : Sergey Glazunov CVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-1457 : John Knottenbelt of Google CVE-2011-1462 : wushi of team509 CVE-2011-1797 : wushi of team509 CVE-2011-2338 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2339 : Cris Neckar of the Google Chrome Security Team CVE-2011-2341 : Apple CVE-2011-2351 : miaubiz CVE-2011-2352 : Apple CVE-2011-2354 : Apple CVE-2011-2356 : Adam Barth and Abhishek Arya of Google Chrome Security Team using AddressSanitizer CVE-2011-2359 : miaubiz CVE-2011-2788 : Mikolaj Malecki of Samsung CVE-2011-2790 : miaubiz CVE-2011-2792 : miaubiz CVE-2011-2797 : miaubiz CVE-2011-2799 : miaubiz CVE-2011-2809 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-2813 : Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2814 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2816 : Apple CVE-2011-2817 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2818 : Martin Barbella CVE-2011-2820 : Raman Tenneti and Philip Rogers of Google CVE-2011-2823 : SkyLined of Google Chrome Security Team CVE-2011-2827 : miaubiz CVE-2011-2831 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-3232 : Aki Helin of OUSPG CVE-2011-3234 : miaubiz CVE-2011-3235 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the Chromium development community, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-3236 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-3237 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the Chromium development community, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-3244 : vkouchna

WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of URLs with an embedded username. This issue is addressed through improved handling of URLs with an embedded username. CVE-ID CVE-2011-0242 : Jobert Abma of Online24

WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of DOM nodes. CVE-ID CVE-2011-1295 : Sergey Glazunov

WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A maliciously crafted website may be able to cause a different URL to be shown in the address bar Description: A URL spoofing issue existed in the handling of the DOM history object. CVE-ID CVE-2011-1107 : Jordi Chancel

WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A configuration issue existed in WebKit's use of libxslt. Visiting a maliciously crafted website may lead to arbitrary files being created with the privileges of the user, which may lead to arbitrary code execution. This issue is addressed through improved libxslt security settings. CVE-ID CVE-2011-1774 : Nicolas Gregoire of Agarri

WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a malicious website and dragging content in the page may lead to an information disclosure Description: A cross-origin issue existed in WebKit's handling of HTML5 drag and drop. This issue is addressed by disallowing drag and drop across different origins. CVE-ID CVE-2011-0166 : Michal Zalewski of Google Inc.

WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to an information disclosure Description: A cross-origin issue existed in the handling of Web Workers. CVE-ID CVE-2011-1190 : Daniel Divricean of divricean.ro

WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of the window.open method. CVE-ID CVE-2011-2805 : Sergey Glazunov

WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of inactive DOM windows. CVE-ID CVE-2011-3243 : Sergey Glazunov

WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of the document.documentURI property. CVE-ID CVE-2011-2819 : Sergey Glazunov

WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A maliciously crafted website may be able to track the URLs that a user visits within a frame Description: A cross-origin issue existed in the handling of the beforeload event. CVE-ID CVE-2011-2800 : Juho Nurminen

WiFi Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: WiFi credentials may be logged to a local file Description: WiFi credentials including the passphrase and encryption keys were logged to a file that was readable by applications on the system. This is resolved by no longer logging these credentials. CVE-ID CVE-2011-3434 : Laurent OUDOT of TEHTRI Security

Installation note:

This update is only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone, iPod touch or iPad is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iPhone, iPod touch, or iPad.

The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone, iPod touch, or iPad is docked to your computer.

To check that the iPhone, iPod touch, or iPad has been updated:

  • Navigate to Settings
  • Select General
  • Select About. The version after applying this update will be "5 (9A334)".

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin)

iQEcBAEBAgAGBQJOldmtAAoJEGnF2JsdZQee/qMIAIPxmIiOqj+FMLFHZtPeC/Dp 3s4JliKOOgNnjXkxErfaNvYGmeVbDaUER5jdVrWccTauzlYmy8G4uK0An2GD2YiP gB5AiCQXpONdBCi38QNdRqrYoYjc8Sa0nUp4r5uWPoiHoj5KfxvBpgygEL+zjHXS fmnrONOCWhOYp0w4q6mdTg5BH2uJCbXscD/JjbmgHQI0Vs/iUZKSRyqFo2b0Mvze NiSyzcj/4l62Cxx7xM9VbdrYL7Al2yyHfNYJQsZmoeDUlJQcdgEgEMXvOuhY3sFK maxYr2oCp6Mtf53fplAeJIV4ijLynEWAKxTuTznAyW1k7oiGrDTfORSFKPEB9MQ= =LCQZ -----END PGP SIGNATURE-----

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201103-0291",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "9.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "9.2.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "9.0.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "9.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "10.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.1.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "9.0.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "8.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "7.3.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "7.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "7.3.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "4.7.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "7.0.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "6.0.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "4.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "8.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "4.6"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "6.0.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "6.0.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "4.7"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "apple",
        "version": "10"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.0.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.0.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.6.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.3.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.6.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.0.4.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.7.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.4.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.2.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.0.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.4.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.6"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.7"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.2.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "itunes",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.1.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.7.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.4.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.1.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.1.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.7.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.0.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "9.0.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.6.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "5.0.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.5.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.1.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.5.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.4.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.7.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.1.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.9.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.8.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.6.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.0.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.2.0"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5.8"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5.8"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "3.0 to  4.2.1 (iphone 3gs after )"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "3.1 to  4.2.1 (ipod touch (3rd generation) after )"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "3.2 to  4.2.1 (ipad for )"
      },
      {
        "model": "ipad",
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "iphone",
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "ipod touch",
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "5"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4 (as)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4 (es)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4 (ws)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4.8 (as)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4.8 (es)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "5 (server)"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4.0"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "5.0 (client)"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "6"
      },
      {
        "model": "enterprise linux hpc node",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "6"
      },
      {
        "model": "enterprise linux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "6"
      },
      {
        "model": "enterprise linux workstation",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "6"
      },
      {
        "model": "rhel desktop workstation",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "5 (client)"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.1.2"
      },
      {
        "model": "in motion blackberry enterprise server for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.1"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "linux hppa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.7"
      },
      {
        "model": "in motion blackberry enterprise server for novell groupwise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1"
      },
      {
        "model": "in motion blackberry enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.0.3"
      },
      {
        "model": "linux enterprise sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.0"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.6"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "in motion blackberry enterprise server express for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.0"
      },
      {
        "model": "in motion blackberry enterprise server for exchange sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.0"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "in motion blackberry enterprise server for domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.1"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1.1"
      },
      {
        "model": "in motion blackberry enterprise server express for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.7"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.4"
      },
      {
        "model": "opencall multiservice controller sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "4.0"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.5.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "in motion blackberry enterprise server for domino sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1"
      },
      {
        "model": "beta2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "4.0"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "in motion blackberry enterprise server for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.10"
      },
      {
        "model": "hat enterprise linux hpc node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "6"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.3"
      },
      {
        "model": "linux lts amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "aura system platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.8"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.5"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.7.4"
      },
      {
        "model": "in motion blackberry enterprise server for domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0"
      },
      {
        "model": "itunes",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.2"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.6.0"
      },
      {
        "model": "aura system platform sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.10"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.2"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.2"
      },
      {
        "model": "in motion blackberry enterprise server express for exchange mr1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.2"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "9.1"
      },
      {
        "model": "linux enterprise sp4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "in motion blackberry enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.6"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.6"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2010.1"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.1"
      },
      {
        "model": "aura application server sip core",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "53002.0"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.7.2-7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.4"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.10"
      },
      {
        "model": "in motion blackberry enterprise server for novell groupwise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.1"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.9.2-5.2.1"
      },
      {
        "model": "beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.5.6"
      },
      {
        "model": "in motion blackberry enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.5"
      },
      {
        "model": "beta36",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.4"
      },
      {
        "model": "clientless vpn gateway series sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "44004.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.3"
      },
      {
        "model": "beta2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.7.0"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.2"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.7.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.7"
      },
      {
        "model": "in motion blackberry enterprise server for domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.4"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.2"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.5"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.72"
      },
      {
        "model": "alpha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "4.0"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2010.0"
      },
      {
        "model": "in motion blackberry enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.3"
      },
      {
        "model": "hat enterprise linux desktop optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.2"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.9"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2009.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.1"
      },
      {
        "model": "beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.7.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.9.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.6"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "linux armel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.0.2.20"
      },
      {
        "model": "in motion blackberry enterprise server for exchange sp3 hotfix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.03"
      },
      {
        "model": "safari for windows",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.4"
      },
      {
        "model": "in motion blackberry enterprise server for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.7"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "corporate server x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "4.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "12.2"
      },
      {
        "model": "hat enterprise linux server optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "6"
      },
      {
        "model": "in motion blackberry enterprise server for domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.7"
      },
      {
        "model": "clientless vpn gateway series sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "44004.0"
      },
      {
        "model": "beta28",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.4"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.10"
      },
      {
        "model": "in motion blackberry enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "2.0.0.65"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.2"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pardus",
        "version": "20110"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6"
      },
      {
        "model": "linux lts i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "aura session manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "enterprise linux ws",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "beta2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.6.0"
      },
      {
        "model": "alpha4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.5.7"
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "aura presence services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "enterprise linux es",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "model": "in motion blackberry enterprise server for novell groupwise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.4"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "beta6",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "4.0"
      },
      {
        "model": "linux lts sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "networks contivity secure ip services gateway sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "nortel",
        "version": "46004.0"
      },
      {
        "model": "linux lts i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "alpha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.7.0"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "11.4"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.5.7"
      },
      {
        "model": "messaging storage server sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.5"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.5.4"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "12.1"
      },
      {
        "model": "corporate server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "4.0"
      },
      {
        "model": "linux enterprise sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "11"
      },
      {
        "model": "beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.6.0"
      },
      {
        "model": "in motion blackberry enterprise server for exchange mr2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.3"
      },
      {
        "model": "enterprise linux desktop version",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.1"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.4"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.10"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "linux alpha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.9.0"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "mobile safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "alpha3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.5.7"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.1"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.5.2"
      },
      {
        "model": "in motion blackberry enterprise server for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.3"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "in motion blackberry enterprise server for novell groupwise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.7"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.5"
      },
      {
        "model": "linux enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "9"
      },
      {
        "model": "in motion blackberry enterprise server for domino mr3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.5"
      },
      {
        "model": "in motion blackberry enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "0"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.5.3"
      },
      {
        "model": "in motion blackberry enterprise server sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.0"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.8.2"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.3"
      },
      {
        "model": "in motion blackberry enterprise server express for domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.3"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.7.1"
      },
      {
        "model": "tv",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "aura system manager sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "11.2"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.3"
      },
      {
        "model": "linux ia-32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "messaging storage server sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "opencall multiservice controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "4.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "enterprise server x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "tv",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.5"
      },
      {
        "model": "opencall multiservice controller sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "4.0"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "linux x86 64 -current",
        "scope": null,
        "trust": 0.3,
        "vendor": "slackware",
        "version": null
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2010.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.3"
      },
      {
        "model": "linux ia-64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.2"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.6"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0.1.8"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.5.1"
      },
      {
        "model": "networks contivity secure ip services gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "nortel",
        "version": "46004.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "in motion blackberry enterprise server for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "9.0"
      },
      {
        "model": "enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "5"
      },
      {
        "model": "in motion blackberry enterprise server for exchange sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0"
      },
      {
        "model": "in motion blackberry enterprise server mr5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.6"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "aura communication manager utility services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "beta35",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.5"
      },
      {
        "model": "in motion blackberry enterprise server express for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.3"
      },
      {
        "model": "hat enterprise linux desktop client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "5"
      },
      {
        "model": "communication server 1000m",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "in motion blackberry enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "beta24",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.4"
      },
      {
        "model": "esignal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "esignal",
        "version": "6.0.2"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.9.3"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.2"
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.2"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2010.0"
      },
      {
        "model": "communication server 1000m signaling server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "in motion blackberry enterprise server for novell groupwise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.3"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.10"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.3"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2009.0"
      },
      {
        "model": "hat enterprise linux hpc node optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "6"
      },
      {
        "model": "communication server 1000e",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.2"
      },
      {
        "model": "in motion blackberry enterprise server express for domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.4"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.1"
      },
      {
        "model": "in motion blackberry enterprise server express for domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.3"
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.10"
      },
      {
        "model": "linux lts sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.5.7"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "10.1"
      },
      {
        "model": "beta31",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.4"
      },
      {
        "model": "networks contivity secure ip services gateway sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "nortel",
        "version": "46004.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "10.2"
      },
      {
        "model": "in motion blackberry enterprise server for novell groupwise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.0"
      },
      {
        "model": "aura application server sip core",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "53001.0"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.10"
      },
      {
        "model": "in motion blackberry enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.2.1"
      },
      {
        "model": "aura system platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "1.1"
      },
      {
        "model": "clientless vpn gateway series sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "44004.0"
      },
      {
        "model": "safari beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "linux lts lpia",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.10"
      },
      {
        "model": "aura presence services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "beta18",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.4"
      },
      {
        "model": "beta34",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.4"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.4"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.4"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.3"
      },
      {
        "model": "beta29",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.4"
      },
      {
        "model": "in motion blackberry enterprise server for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.3"
      },
      {
        "model": "aura system manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "aura system platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0.2"
      },
      {
        "model": "communication server 1000m signaling server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.0"
      },
      {
        "model": "safari beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "messaging storage server sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "communication server 1000e",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.0"
      },
      {
        "model": "in motion blackberry enterprise server for domino mr1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.2"
      },
      {
        "model": "in motion blackberry enterprise server express for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.8"
      },
      {
        "model": "beta32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.4"
      },
      {
        "model": "in motion blackberry enterprise server for domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.3"
      },
      {
        "model": "linux mipsel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.4"
      },
      {
        "model": "hat enterprise linux desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "6"
      },
      {
        "model": "alpha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.5.7"
      },
      {
        "model": "hat enterprise linux as",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "4"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "11.3"
      },
      {
        "model": "linux x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "13.1"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1.2"
      },
      {
        "model": "aura session manager sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "safari",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "linux x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "13.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.8"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "12.0"
      },
      {
        "model": "aura presence services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.1"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "10.0"
      },
      {
        "model": "in motion blackberry enterprise server for novell groupwise sp3 hotfix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.01"
      },
      {
        "model": "linux lts powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.2"
      },
      {
        "model": "in motion blackberry enterprise server for domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.0"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.9.1"
      },
      {
        "model": "linux lts amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "hat enterprise linux workstation optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "6"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.4"
      },
      {
        "model": "in motion blackberry enterprise server for exchange mr1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.2"
      },
      {
        "model": "linux lts powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.2"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "11.0"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.9.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.1"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.8"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "4.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.8"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.3"
      },
      {
        "model": "alpha2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.5.7"
      },
      {
        "model": "communication server 1000e signaling server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "in motion blackberry enterprise server for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.4"
      },
      {
        "model": "in motion blackberry enterprise server for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.2"
      },
      {
        "model": "linux -current",
        "scope": null,
        "trust": 0.3,
        "vendor": "slackware",
        "version": null
      },
      {
        "model": "aura system platform sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "13.1"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "hat enterprise linux server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "5"
      },
      {
        "model": "linux lpia",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.10"
      },
      {
        "model": "in motion blackberry enterprise server express for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.1"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.7.2"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "13.0"
      },
      {
        "model": "in motion blackberry enterprise server mr4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.6"
      },
      {
        "model": "in motion blackberry enterprise server for domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.2"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.6.1"
      },
      {
        "model": "aura communication manager utility services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.9"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.5.6"
      },
      {
        "model": "beta5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "4.0"
      },
      {
        "model": "hat enterprise linux workstation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "6"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "enterprise linux desktop workstation client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "5"
      },
      {
        "model": "ios beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "aura system platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0.1"
      },
      {
        "model": "communication server 1000e signaling server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.2"
      },
      {
        "model": "libtiff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.8.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "in motion blackberry enterprise server express for domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.7"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.8"
      },
      {
        "model": "beta1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "4.0"
      },
      {
        "model": "linux s/390",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "in motion blackberry enterprise server express for domino mr1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.2"
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.1"
      },
      {
        "model": "communication server 1000m",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.5"
      },
      {
        "model": "beta3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "4.0"
      },
      {
        "model": "in motion blackberry enterprise server for domino sp3 hotfix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.04"
      },
      {
        "model": "communication server 1000e signaling server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.0"
      },
      {
        "model": "in motion blackberry enterprise server for novell groupwise mr3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "5.0.1"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0.1"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.3"
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "hat enterprise linux server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "6"
      },
      {
        "model": "in motion blackberry enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "4.1.4"
      },
      {
        "model": "communication server 1000m signaling server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.5"
      },
      {
        "model": "linux mips",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "beta4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "4.0"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.2"
      },
      {
        "model": "beta37",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libtiff",
        "version": "3.4"
      },
      {
        "model": "aura application server sip core",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "53002.1"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "communication server 1000e",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "networks contivity secure ip services gateway sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "nortel",
        "version": "46004.0"
      },
      {
        "model": "linux m68k",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.10"
      },
      {
        "model": "mac os server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.7"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "communication server 1000m",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "46658"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001352"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-112"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0192"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x_server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:apple:apple_tv",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:iphone_os",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:apple:ipad",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:apple:iphone",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:apple:ipod_touch",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:apple:itunes",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:apple:safari",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:redhat:enterprise_linux_hpc_node",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:redhat:enterprise_linux_workstation",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001352"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple",
    "sources": [
      {
        "db": "BID",
        "id": "46658"
      },
      {
        "db": "PACKETSTORM",
        "id": "105737"
      },
      {
        "db": "PACKETSTORM",
        "id": "105736"
      }
    ],
    "trust": 0.5
  },
  "cve": "CVE-2011-0192",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2011-0192",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-48137",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-0192",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-0192",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201103-112",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-48137",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-48137"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001352"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-112"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0192"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information. plural Apple Product LIBTIFF Is libtiff/tif_fax3.h. libTIFF is prone to a buffer-overflow  vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. \nNOTE: This BID was previously titled \u0027Apple iTunes libTIFF CCITT Group 4 Encoded TIFF Image Buffer Overflow Vulnerability\u0027 but has been changed to better reflect the affected library. \nNote (March 30, 2011): This issue has not been patched as expected. This library contains some command line tools for working with TIFF files. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2210-2                   security@debian.org\nhttp://www.debian.org/security/                             Luciano Bello\nJune 25, 2011                          http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage        : tiff\nVulnerability  : several\nProblem type   : local (remote)\nDebian-specific: no\nCVE ID         : CVE-2011-0191 CVE-2011-0192 CVE-2011-1167\nDebian Bug     : 619614 630042\n\nThe recent tiff update DSA-2210-1 introduced a regression that could\nlead to encoding problems of tiff files. \n  This issue affects the Debian 5.0 Lenny package only. \n\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 3.8.2-11.5. \n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.9.4-5+squeeze3. \n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 3.9.5-1. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.9.5-1. \n\nWe recommend that you upgrade your tiff packages. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ===========================================================\nUbuntu Security Notice USN-1085-2            March 15, 2011\ntiff regression\nhttps://launchpad.net/bugs/731540\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 9.10\nUbuntu 10.04 LTS\nUbuntu 10.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  libtiff4                        3.7.4-1ubuntu3.10\n\nUbuntu 8.04 LTS:\n  libtiff4                        3.8.2-7ubuntu3.8\n\nUbuntu 9.10:\n  libtiff4                        3.8.2-13ubuntu0.5\n\nUbuntu 10.04 LTS:\n  libtiff4                        3.9.2-2ubuntu0.5\n\nUbuntu 10.10:\n  libtiff4                        3.9.4-2ubuntu0.2\n\nAfter a standard system update you need to restart your session to make\nall the necessary changes. \n\nDetails follow:\n\nUSN-1085-1 fixed vulnerabilities in the system TIFF library. The upstream\nfixes were incomplete and created problems for certain CCITTFAX4 files. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\n Sauli Pahlman discovered that the TIFF library incorrectly handled invalid\n td_stripbytecount fields. If a user or automated system were tricked into\n opening a specially crafted TIFF image, a remote attacker could crash the\n application, leading to a denial of service. This issue only affected\n Ubuntu 10.04 LTS and 10.10. (CVE-2010-2482)\n \n Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF\n files with an invalid combination of SamplesPerPixel and Photometric\n values. If a user or automated system were tricked into opening a specially\n crafted TIFF image, a remote attacker could crash the application, leading\n to a denial of service. This issue only affected Ubuntu 10.10. \n (CVE-2010-2482)\n \n Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled\n invalid ReferenceBlackWhite values. If a user or automated system were\n tricked into opening a specially crafted TIFF image, a remote attacker\n could crash the application, leading to a denial of service. \n (CVE-2010-2595)\n \n Sauli Pahlman discovered that the TIFF library incorrectly handled certain\n default fields. If a user or automated system were tricked into opening a\n specially crafted TIFF image, a remote attacker could crash the\n application, leading to a denial of service. (CVE-2010-2597, CVE-2010-2598)\n \n It was discovered that the TIFF library incorrectly validated certain\n data types. If a user or automated system were tricked into opening a\n specially crafted TIFF image, a remote attacker could crash the\n application, leading to a denial of service. (CVE-2010-2630)\n \n It was discovered that the TIFF library incorrectly handled downsampled\n JPEG data. This issue only affected Ubuntu 10.04 LTS and 10.10. \n (CVE-2010-3087)\n \n It was discovered that the TIFF library incorrectly handled certain JPEG\n data. \n This issue only affected Ubuntu 6.06 LTS, 8.04 LTS and 9.10. \n (CVE-2011-0191)\n \n It was discovered that the TIFF library incorrectly handled certain TIFF\n FAX images. (CVE-2011-0191)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.10.diff.gz\n      Size/MD5:    24707 92ee677a20237cfdb17b5dcbe024fc81\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.10.dsc\n      Size/MD5:     1445 19186c480eda8ade1d4fd194a7e08bf6\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4.orig.tar.gz\n      Size/MD5:  1280113 02cf5c3820bda83b35bb35b45ae27005\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_amd64.deb\n      Size/MD5:   220784 7b8f336c5190b816fb92f498b30755c9\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_amd64.deb\n      Size/MD5:   283278 2633a7f81897814f7bddb303f6952b34\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_amd64.deb\n      Size/MD5:   488554 bd11ebd5ae319660ec0eff4f22b55268\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_amd64.deb\n      Size/MD5:    45210 2d75169ed1d84f4907d505780123691d\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_amd64.deb\n      Size/MD5:    50372 d606202ec431cee4d43658887b7c53f7\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_i386.deb\n      Size/MD5:   206424 d346905ce628f3b5afdfe1a4b5e46ee8\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_i386.deb\n      Size/MD5:   260146 f8a0af4bb2a87fab5833e8bea85b4179\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_i386.deb\n      Size/MD5:   462812 81f1884d1f83fbc7cf670233e79e464b\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_i386.deb\n      Size/MD5:    45144 047a98941044eb476ff601a50a94cb97\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_i386.deb\n      Size/MD5:    49650 0298317461310597a873c28bbe6c9c2d\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_powerpc.deb\n      Size/MD5:   240378 8f832fa2e7ca2122ea17b8440db407a3\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_powerpc.deb\n      Size/MD5:   289250 7118c8a2b9ee67fb759d89631b80ec33\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_powerpc.deb\n      Size/MD5:   477164 46d81e5cca275c4f9fa490bccf5e1b54\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_powerpc.deb\n      Size/MD5:    47366 8f493b29a1c6af1ede1ae20bb340542e\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_powerpc.deb\n      Size/MD5:    52018 9cbc82320c0fb9160a55d9e966935308\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_sparc.deb\n      Size/MD5:   209294 1c075ff5d8fe054cfbe59767156f2b12\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_sparc.deb\n      Size/MD5:   271226 083721bbf42b3a9c2ba0619725cdea1c\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_sparc.deb\n      Size/MD5:   467842 244140481e39cbae1caeea1cbc7242fb\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_sparc.deb\n      Size/MD5:    45072 0ecf1aa2519fd0f70a54e97299a9a2aa\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_sparc.deb\n      Size/MD5:    50206 1fd3434ab16f251802c05e69b2ec4172\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.8.diff.gz\n      Size/MD5:    23098 1ee89aac13034400cc5f65bc82350576\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.8.dsc\n      Size/MD5:     1534 db81aff18857a6a792e8e3d9f6419c25\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz\n      Size/MD5:  1333780 e6ec4ab957ef49d5aabc38b7a376910b\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_amd64.deb\n      Size/MD5:   186052 117b7fef507321d3b40f31e82121d65c\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_amd64.deb\n      Size/MD5:   583498 356ff0e0f3fa15764371a8d0ffbd2574\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_amd64.deb\n      Size/MD5:   132044 f21e514b5f9ffa5e083d48e3ff2876be\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_amd64.deb\n      Size/MD5:     5060 bd0be2af72fb9789ef27a5cf3445a960\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_amd64.deb\n      Size/MD5:    10482 a49a0b07d12a18248a56d1c64322687b\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_i386.deb\n      Size/MD5:   175314 d510325b149f2106114857e9cd1887a1\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_i386.deb\n      Size/MD5:   552824 044e167a1106988f710d4b26cd480c13\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_i386.deb\n      Size/MD5:   123468 8c41a5b4deb4daf59a27aa18bafc2a33\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_i386.deb\n      Size/MD5:     5044 221fabdeb10a45b0e39b30fcd9876d57\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_i386.deb\n      Size/MD5:     9934 139ed154385849ed4a76c21f14d1824c\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_lpia.deb\n      Size/MD5:   177010 f861eceecd6f08085a7e66038b28d148\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_lpia.deb\n      Size/MD5:   555294 27b3f40726cd5cf866dd80b5fb5f652d\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_lpia.deb\n      Size/MD5:   124582 a101756bd948bc2d526bbb3793655c46\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_lpia.deb\n      Size/MD5:     4916 0fde80306a67eb766b878040048003fa\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_lpia.deb\n      Size/MD5:     9976 36fdc7a9337f4a5391a5d951624775df\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_powerpc.deb\n      Size/MD5:   223488 04f35d447aa797b255c249719f467896\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_powerpc.deb\n      Size/MD5:   577476 53e4f31126ecae60b54a2614c29a02ef\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_powerpc.deb\n      Size/MD5:   135174 24d5e5f4e4903eae9ba2b4163eb0ab44\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_powerpc.deb\n      Size/MD5:     7512 a361eb4c3985a90189342aced3932676\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_powerpc.deb\n      Size/MD5:    13288 2f458ba98bbf136958d2a8cdc87a83ab\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_sparc.deb\n      Size/MD5:   178860 d48dc98bba2aaaf1830ad3a9d69b99db\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_sparc.deb\n      Size/MD5:   558838 c9ffd065811bf117f5c57dae82c4173b\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_sparc.deb\n      Size/MD5:   123254 e11f44522f5cef8b3f4a8a633be5437d\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_sparc.deb\n      Size/MD5:     4796 498f87c694b19560fe59ee3afb605af4\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_sparc.deb\n      Size/MD5:    10700 5bb66a32a926f8fbd1a5b864a3d88cd7\n\nUpdated packages for Ubuntu 9.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.5.diff.gz\n      Size/MD5:    43070 e8b35ecf046a7c3619e1d9929de8b830\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.5.dsc\n      Size/MD5:     1978 d8a8180b56ba05c422d4b443afb1d44e\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz\n      Size/MD5:  1333780 e6ec4ab957ef49d5aabc38b7a376910b\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.8.2-13ubuntu0.5_all.deb\n      Size/MD5:   348112 a84bc452f3a0eea39c87ac3ac744112c\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_amd64.deb\n      Size/MD5:   191416 300ef146f5155ff8ccdf51e8a684ff34\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_amd64.deb\n      Size/MD5:   252426 b78ec6fcac494ac67fb4b357632dace3\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_amd64.deb\n      Size/MD5:   135940 d3f0cb6e3491b6d335e905ddb2139dfc\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_amd64.deb\n      Size/MD5:     6332 b7da9edb5b42f9c08596a6b1966cb6e0\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_amd64.deb\n      Size/MD5:    12004 3107c05e0644d55184c568fbd205c8d4\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_i386.deb\n      Size/MD5:   176368 b2b0a5ed89fa9405dea1a1944bf4e606\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_i386.deb\n      Size/MD5:   232588 71573f111b56ed24c2bb95e70cf24950\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_i386.deb\n      Size/MD5:   125002 9127f1c5991d7bebf346d7996aa05549\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_i386.deb\n      Size/MD5:     6446 8535ecbdf277f311afe69e053e7027eb\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_i386.deb\n      Size/MD5:    11292 21192b1ec3a90204f70ac7e715f6ef94\n\n  armel architecture (ARM Architecture):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_armel.deb\n      Size/MD5:   182752 27e8c1ba005bb913056725f27afed10b\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_armel.deb\n      Size/MD5:   233860 7bb2dfcf30084a32cfda47150de12820\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_armel.deb\n      Size/MD5:   124716 5bf3991de9df681e72aeb2b9cb0157e3\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_armel.deb\n      Size/MD5:     5966 f7269719e2c4b9f44abb54ea640452b9\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_armel.deb\n      Size/MD5:    11160 213b7115f391a62a039e86bd2aed21e3\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_lpia.deb\n      Size/MD5:   177048 6f228aae0027ce228001ab1e03c1420f\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_lpia.deb\n      Size/MD5:   234412 2be52c2f11d51dc60ebd6358921ed539\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_lpia.deb\n      Size/MD5:   126608 5b98943322e5546def050c29f0137c51\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_lpia.deb\n      Size/MD5:     6312 9dfcffd32f1aa8e42e6e5f94c8171333\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_lpia.deb\n      Size/MD5:    11340 69f92d56438e597d2733cca9fe192e09\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_powerpc.deb\n      Size/MD5:   191484 3af0b1c5f8e037c97831d2321c144069\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_powerpc.deb\n      Size/MD5:   256554 94513c2b20ec5e2206d5b5476ac4b6e1\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_powerpc.deb\n      Size/MD5:   137434 0dd8d58ca4136b26395ec9619352cbf4\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_powerpc.deb\n      Size/MD5:     6724 752b5398be235d406db9b0070c8b4bcc\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_powerpc.deb\n      Size/MD5:    12080 857d09fbe80934ec33149da04cf5b4fe\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_sparc.deb\n      Size/MD5:   184288 a83a8a638af348c50d3bb64a2c0490e4\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_sparc.deb\n      Size/MD5:   237164 9a5c6358c6c65dfc8e5154f79c5937a1\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_sparc.deb\n      Size/MD5:   125062 2e70ed4b0b98f15d9b6d4d1aa2c223fe\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_sparc.deb\n      Size/MD5:     6096 e374e39bdeb2b16f8944713dc6b59ec2\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_sparc.deb\n      Size/MD5:    12036 3bd0ece44e01a49c32decff3d318bcc3\n\nUpdated packages for Ubuntu 10.04 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.5.diff.gz\n      Size/MD5:    20142 b939eddaecc09a223f750ddc9ec300a7\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.5.dsc\n      Size/MD5:     1974 0ab3539d8af96ca2ca23c1d74d79e8c6\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2.orig.tar.gz\n      Size/MD5:  1419742 93e56e421679c591de7552db13384cb8\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.2-2ubuntu0.5_all.deb\n      Size/MD5:   359126 ddf2cb68732e7fd96ea2078ce0ad4742\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_amd64.deb\n      Size/MD5:   250490 975aec44c621ff1e524a7d0c344c461d\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_amd64.deb\n      Size/MD5:   269922 24ffd793f4f4cab1c419281358f95b06\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_amd64.deb\n      Size/MD5:   149244 8de4b36f57fd254339472d92d58df436\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_amd64.deb\n      Size/MD5:     6384 dd647e2d96b24485c9a3d512568a33e8\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_amd64.deb\n      Size/MD5:    12028 f312a06be417327ccaab3bc83fce43ee\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_i386.deb\n      Size/MD5:   234120 b80a26f6acbf41fc2835dea7be97d332\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_i386.deb\n      Size/MD5:   246962 2aced2d3476f07034714c32581451fca\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_i386.deb\n      Size/MD5:   136750 9e662029ab9932f9bb5cf551c9a25c70\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_i386.deb\n      Size/MD5:     6486 588d1bff01cbec45eefbfb25864b48c7\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_i386.deb\n      Size/MD5:    11282 028b976bcc83292a2a436961a26cff1b\n\n  armel architecture (ARM Architecture):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_armel.deb\n      Size/MD5:   237816 b1bb7396d24ca82d5a72012e7f5902df\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_armel.deb\n      Size/MD5:   238800 82ec468a735c037f758424ee05ab0eda\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_armel.deb\n      Size/MD5:   129636 b6277537fd8ca0a7258d156b8185fc6c\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_armel.deb\n      Size/MD5:     5980 5ee322e0d78f7f440501872a91e78c98\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_armel.deb\n      Size/MD5:    11300 c0120b282e1fa3c9922b9218a1d86271\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_powerpc.deb\n      Size/MD5:   253514 208b8a67298bb8435b790579c2369258\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_powerpc.deb\n      Size/MD5:   275256 4ccb314e621e464c06a709fbd7632384\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_powerpc.deb\n      Size/MD5:   150724 4787f755ef29dd7198699c9456ca5fd0\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_powerpc.deb\n      Size/MD5:     6770 759c330d4a755d3d217ca8afef8cb191\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_powerpc.deb\n      Size/MD5:    12092 86dd9f88b6d3f4e3f7ee0c3f98ce4448\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_sparc.deb\n      Size/MD5:   248776 0e081f6795686de636fdb537d0da0af3\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_sparc.deb\n      Size/MD5:   257346 b1cb2500a7b1ada561852e12546279a4\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_sparc.deb\n      Size/MD5:   143484 b24ccd56b9eee79c062d8a1e13e65326\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_sparc.deb\n      Size/MD5:     6226 28e807e1ae69640a7e0a35ea79b8913a\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_sparc.deb\n      Size/MD5:    11922 1acad867116630bb02cf53831f49fb91\n\nUpdated packages for Ubuntu 10.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.2.debian.tar.gz\n      Size/MD5:    18124 6b91f60b7bc92c8f0710f4088c1f38f3\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.2.dsc\n      Size/MD5:     1991 020c2a94b61792b09f6d01752f2c7f5d\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4.orig.tar.gz\n      Size/MD5:  1436968 2006c1bdd12644dbf02956955175afd6\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.4-2ubuntu0.2_all.deb\n      Size/MD5:   342928 4d7df4c971ba92ab11d738820853fcc4\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_amd64.deb\n      Size/MD5:   248246 dd83a166330ad6268952b8e49f075012\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_amd64.deb\n      Size/MD5:   270788 73525f6754327725fd2e93fe1fc0e4fb\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_amd64.deb\n      Size/MD5:   149490 2da1a59a5a933e822256d2b6d89454c6\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_amd64.deb\n      Size/MD5:     6310 b566e3ac1e893179519b2596798ad492\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_amd64.deb\n      Size/MD5:    11806 a523fb6ef9ac518e5869fdc9bd72d937\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_i386.deb\n      Size/MD5:   230148 a676650de4cfea04a7bfd000de0da151\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_i386.deb\n      Size/MD5:   247138 95194c2ea2ab0ca87e6b8867dae07385\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_i386.deb\n      Size/MD5:   136668 f0931de0028f3538f92ef2547cde7bba\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_i386.deb\n      Size/MD5:     6424 ad458d476aa6df65bfaec35f5cba9c0b\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_i386.deb\n      Size/MD5:    11144 efd76c12cc9f9df3ba719e8f073a6bfa\n\n  armel architecture (ARM Architecture):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_armel.deb\n      Size/MD5:   256880 6aedba603449a04715b504caac95ed22\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_armel.deb\n      Size/MD5:   271424 0587dc26b90416181bb71f0ee0acbed3\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_armel.deb\n      Size/MD5:   151800 0a97a3959787ce6e4d4a60db21f4bd19\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_armel.deb\n      Size/MD5:     5844 6efde8a677921feabc6dd5156181d72a\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_armel.deb\n      Size/MD5:    11228 9e354f5270bc717488682dfc4712e74a\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_powerpc.deb\n      Size/MD5:   250366 6fa58ac5fb03e3b6866499f53cb3e79d\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_powerpc.deb\n      Size/MD5:   275860 d4f92d8330e793d8056e4bc5c180fba9\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_powerpc.deb\n      Size/MD5:   150712 c47116bbde1de23b39bd86ce6733e033\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_powerpc.deb\n      Size/MD5:     6702 d9524527cbcbd6b38cb782d73adbdc3b\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_powerpc.deb\n      Size/MD5:    11962 a31983d4e49adaa4fa0321c16105bae3\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201209-02\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: libTIFF: Multiple vulnerabilities\n     Date: September 23, 2012\n     Bugs: #307001, #324885, #357271, #359871, #371308, #410931,\n           #422673, #427166\n       ID: 201209-02\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in libTIFF could result in execution of\narbitrary code or Denial of Service. \n\nBackground\n==========\n\nlibTIFF provides support for reading and manipulating TIFF (Tagged\nImage File Format) images. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  media-libs/tiff             \u003c 4.0.2-r1              *\u003e= 3.9.5-r2\n                                                          \u003e= 4.0.2-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in libTIFF. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libTIFF 4.0 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=media-libs/tiff-4.0.2-r1\"\n\nAll libTIFF 3.9 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=media-libs/tiff-3.9.5-r2\"\n\nReferences\n==========\n\n[  1 ] CVE-2009-2347\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2347\n[  2 ] CVE-2009-5022\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5022\n[  3 ] CVE-2010-1411\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1411\n[  4 ] CVE-2010-2065\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2065\n[  5 ] CVE-2010-2067\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2067\n[  6 ] CVE-2010-2233\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2233\n[  7 ] CVE-2010-2443\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2443\n[  8 ] CVE-2010-2481\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2481\n[  9 ] CVE-2010-2482\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2482\n[ 10 ] CVE-2010-2483\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2483\n[ 11 ] CVE-2010-2595\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2595\n[ 12 ] CVE-2010-2596\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2596\n[ 13 ] CVE-2010-2597\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2597\n[ 14 ] CVE-2010-2630\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2630\n[ 15 ] CVE-2010-2631\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2631\n[ 16 ] CVE-2010-3087\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3087\n[ 17 ] CVE-2010-4665\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4665\n[ 18 ] CVE-2011-0192\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0192\n[ 19 ] CVE-2011-0192\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0192\n[ 20 ] CVE-2011-1167\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1167\n[ 21 ] CVE-2011-1167\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1167\n[ 22 ] CVE-2012-1173\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1173\n[ 23 ] CVE-2012-2088\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2088\n[ 24 ] CVE-2012-2113\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2113\n[ 25 ] CVE-2012-3401\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3401\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201209-02.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2011-10-12-1 iOS 5 Software Update\n\niOS 5 Software Update is now available and addresses the following:\n\nCalDAV\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  An attacker with a privileged network position may intercept\nuser credentials or other sensitive information from a CalDAV\ncalendar server\nDescription:  CalDAV did not check that the SSL certificate presented\nby the server was trusted. \nCVE-ID\nCVE-2011-3253 : Leszek Tasiemski of nSense\n\nCalendar\nAvailable for:  iOS 4.2.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 4.2.0 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 4.2.0 through 4.3.5 for iPad\nImpact:  Viewing a maliciously crafted calendar invitation may inject\nscript in the local domain\nDescription:  A script injection issue existed in Calendar\u0027s handling\nof invitation notes. This issue is addressed through improved\nescaping of special characters in invitation notes. This issues does\nnot affect devices prior to iOS 4.2.0. \nCVE-ID\nCVE-2011-3254 : Rick Deacon\n\nCFNetwork\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  User\u0027s AppleID password may be logged to a local file\nDescription:  A user\u0027s AppleID password and username were logged to a\nfile that was readable by applications on the system. This is\nresolved by no longer logging these credentials. \nCVE-ID\nCVE-2011-3255 : Peter Quade of qdevelop\n\nCFNetwork\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to the\ndisclosure of sensitive information\nDescription:  An issue existed in CFNetwork\u0027s handling of HTTP\ncookies. When accessing a maliciously crafted HTTP or HTTPS URL,\nCFNetwork could incorrectly send the cookies for a domain to a server\noutside that domain. \nCVE-ID\nCVE-2011-3246 : Erling Ellingsen of Facebook\n\nCoreFoundation\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Viewing a maliciously crafted website or e-mail message may\nlead to an unexpected application termination or arbitrary code\nexecution\nDescription:  A memory corruption issue existed in CoreFoundation\u0027s\nhandling of string tokenization. \nCVE-ID\nCVE-2011-0259 : Apple\n\nCoreGraphics\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Viewing a document containing a maliciously crafted font may\nlead to arbitrary code execution\nDescription:  Multiple memory corruption existed in freetype, the\nmost serious of which may lead to arbitrary code execution when\nprocessing a maliciously crafted font. \nCVE-ID\nCVE-2011-3256 : Apple\n\nCoreMedia\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to the\ndisclosure of video data from another site\nDescription:  A cross-origin issue existed in CoreMedia\u0027s handling of\ncross-site redirects. This issue is addressed through improved origin\ntracking. \nCVE-ID\nCVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability\nResearch (MSVR)\n\nData Access\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  An exchange mail cookie management issue could incorrectly\ncause data synchronization across different accounts\nDescription:  When multiple mail exchange accounts are configured\nwhich connect to the same server, a session could potentially receive\na valid cookie corresponding to a different account. This issue is\naddressed by ensuring that cookies are separated across different\naccounts. \nCVE-ID\nCVE-2011-3257 : Bob Sielken of IBM\n\nData Security\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  An attacker with a privileged network position may intercept\nuser credentials or other sensitive information\nDescription:  Fraudulent certificates were issued by multiple\ncertificate authorities operated by DigiNotar. This issue is\naddressed by removing DigiNotar from the list of trusted root\ncertificates, from the list of Extended Validation (EV) certificate\nauthorities, and by configuring default system trust settings so that\nDigiNotar\u0027s certificates, including those issued by other\nauthorities, are not trusted. \n\nData Security\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Support for X.509 certificates with MD5 hashes may expose\nusers to spoofing and information disclosure as attacks improve\nDescription:  Certificates signed using the MD5 hash algorithm were\naccepted by iOS. This algorithm has known cryptographic weaknesses. \nFurther research or a misconfigured certificate authority could have\nallowed the creation of X.509 certificates with attacker controlled\nvalues that would have been trusted by the system. This would have\nexposed X.509 based protocols to spoofing, man in the middle attacks,\nand information disclosure. This update disables support for an X.509\ncertificate with an MD5 hash for any use other than as a trusted root\ncertificate. \nCVE-ID\nCVE-2011-3427\n\nData Security\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  An attacker could decrypt part of a SSL connection\nDescription:  Only the SSLv3 and TLS 1.0 versions of SSL were\nsupported. These versions are subject to a protocol weakness when\nusing block ciphers. A man-in-the-middle attacker could have injected\ninvalid data, causing the connection to close but revealing some\ninformation about the previous data. If the same connection was\nattempted repeatedly the attacker may eventually have been able to\ndecrypt the data being sent, such as a password. This issue is\naddressed by adding support for TLS 1.2. \nCVE-ID\nCVE-2011-3389\n\nHome screen\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Switching between applications may lead to the disclosure of\nsensitive application information\nDescription:  When switching between applications with the four-\nfinger app switching gesture, the display could have revealed the\nprevious application state. This issue is addressed by ensuring that\nthe system properly calls the applicationWillResignActive: method\nwhen transitioning between applications. \nCVE-ID\nCVE-2011-3431 : Abe White of Hedonic Software Inc. \nCVE-ID\nCVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies\n\nInternational Components for Unicode\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Applications that use ICU may be vulnerable to an unexpected\napplication termination or arbitrary code execution\nDescription:  A buffer overflow issue existed in ICU\u0027s generation of\ncollation keys for long strings of mostly uppercase letters. \nCVE-ID\nCVE-2011-0206 : David Bienvenu of Mozilla\n\nKernel\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  A remote attacker may cause a device reset\nDescription:  The kernel failed to promptly reclaim memory from\nincomplete TCP connections. An attacker with the ability to connect\nto a listening service on an iOS device could exhaust system\nresources. \nCVE-ID\nCVE-2011-3259 : Wouter van der Veer of Topicus I\u0026I, and Josh Enders\n\nKernel\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  A local user may be able to cause a system reset\nDescription:  A null dereference issue existed in the handling of\nIPV6 socket options. \nCVE-ID\nCVE-2011-1132 : Thomas Clement of Intego\n\nKeyboards\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  A user may be able to determine information about the last\ncharacter of a password\nDescription:  The keyboard used to type the last character of a\npassword was briefly displayed the next time the keyboard was used. \nCVE-ID\nCVE-2011-3245 : Paul Mousdicas\n\nlibxml\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A one-byte heap buffer overflow existed in libxml\u0027s\nhandling of XML data. \nCVE-ID\nCVE-2011-0216 : Billy Rios of the Google Security Team\n\nOfficeImport\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Viewing a maliciously crafted Word file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in OfficeImport\u0027s handling of\nMicrosoft Word documents. \nCVE-ID\nCVE-2011-3260 : Tobias Klein working with Verisign iDefense Labs\n\nOfficeImport\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Viewing a maliciously crafted Excel file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A double free issue existed in OfficeImport\u0027s handling\nof Excel files. \nCVE-ID\nCVE-2011-3261 : Tobias Klein of www.trapkit.de\n\nOfficeImport\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Downloading a maliciously crafted Microsoft Office file may\nlead to an unexpected application termination or arbitrary code\nexecution\nDescription:  A memory corruption issue existed in OfficeImport\u0027s\nhandling of Microsoft Office files. \nCVE-ID\nCVE-2011-0208 : Tobias Klein working with iDefense VCP\n\nOfficeImport\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Downloading a maliciously crafted Excel file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A memory corruption issue existed in OfficeImport\u0027s\nhandling of Excel files. \nCVE-ID\nCVE-2011-0184 : Tobias Klein working with iDefense VCP\n\nSafari\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Opening maliciously crafted files on certain websites may\nlead to a cross-site scripting attack\nDescription:  iOS did not support the \u0027attachment\u0027 value for the HTTP\nContent-Disposition header. This header is used by many websites to\nserve files that were uploaded to the site by a third-party, such as\nattachments in web-based e-mail applications. Any script in files\nserved with this header value would run as if the file had been\nserved inline, with full access to other resources on the origin\nserver. This issue is addressed by loading attachments in an isolated\nsecurity origin with no access to resources on other sites. \nCVE-ID\nCVE-2011-3426 : Christian Matthies working with iDefense VCP,\nYoshinori Oota from Business Architects Inc working with JP/CERT\n\nSettings\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  An attacker with physical access to a device may be able to\nrecover the restrictions passcode\nDescription:  The parental restrictions functionality enforces UI\nrestrictions. Configuring parental restrictions is protected by a\npasscode, which was previously stored in plaintext on disk. This\nissue is addressed by securely storing the parental restrictions\npasscode in the system keychain. \nCVE-ID\nCVE-2011-3429 : an anonymous reporter\n\nSettings\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Misleading UI\nDescription:  Configurations and settings applied via configuration\nprofiles did not appear to function properly under any non-English\nlanguage. Settings could be improperly displayed as a result. This\nissue is addressed by fixing a localization error. \nCVE-ID\nCVE-2011-3430 : Florian Kreitmaier of Siemens CERT\n\nUIKit Alerts\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a malicious website may cause an unexpected device\nhang\nDescription:  An excessive maximum text layout length permitted\nmalicious websites to cause iOS to hang when drawing acceptance\ndialogs for very long tel: URIs. This issue is addressed by using a\nmore reasonable maximum URI size. \nCVE-ID\nCVE-2011-3432 : Simon Young of Anglia Ruskin University\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in WebKit. \nCVE-ID\nCVE-2011-0218 : SkyLined of Google Chrome Security Team\nCVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS\nResearch Team, and Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0232 : J23 working with TippingPoint\u0027s Zero Day Initiative\nCVE-2011-0233 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-0234 : Rob King working with TippingPoint\u0027s Zero Day\nInitiative, wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0238 : Adam Barth of Google Chrome Security Team\nCVE-2011-0254 : An anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0255 : An anonymous reporter working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc\nCVE-2011-0983 : Martin Barbella\nCVE-2011-1109 : Sergey Glazunov\nCVE-2011-1114 : Martin Barbella\nCVE-2011-1115 : Martin Barbella\nCVE-2011-1117 : wushi of team509\nCVE-2011-1121 : miaubiz\nCVE-2011-1188 : Martin Barbella\nCVE-2011-1203 : Sergey Glazunov\nCVE-2011-1204 : Sergey Glazunov\nCVE-2011-1288 : Andreas Kling of Nokia\nCVE-2011-1293 : Sergey Glazunov\nCVE-2011-1296 : Sergey Glazunov\nCVE-2011-1449 : Marek Majkowski\nCVE-2011-1451 : Sergey Glazunov\nCVE-2011-1453 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-1457 : John Knottenbelt of Google\nCVE-2011-1462 : wushi of team509\nCVE-2011-1797 : wushi of team509\nCVE-2011-2338 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2339 : Cris Neckar of the Google Chrome Security Team\nCVE-2011-2341 : Apple\nCVE-2011-2351 : miaubiz\nCVE-2011-2352 : Apple\nCVE-2011-2354 : Apple\nCVE-2011-2356 : Adam Barth and Abhishek Arya of Google Chrome\nSecurity Team using AddressSanitizer\nCVE-2011-2359 : miaubiz\nCVE-2011-2788 : Mikolaj Malecki of Samsung\nCVE-2011-2790 : miaubiz\nCVE-2011-2792 : miaubiz\nCVE-2011-2797 : miaubiz\nCVE-2011-2799 : miaubiz\nCVE-2011-2809 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-2813 : Cris Neckar of Google Chrome Security Team using\nAddressSanitizer\nCVE-2011-2814 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2816 : Apple\nCVE-2011-2817 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2818 : Martin Barbella\nCVE-2011-2820 : Raman Tenneti and Philip Rogers of Google\nCVE-2011-2823 : SkyLined of Google Chrome Security Team\nCVE-2011-2827 : miaubiz\nCVE-2011-2831 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-3232 : Aki Helin of OUSPG\nCVE-2011-3234 : miaubiz\nCVE-2011-3235 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the\nChromium development community, and Abhishek Arya (Inferno) of Google\nChrome Security Team\nCVE-2011-3236 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-3237 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the\nChromium development community, and Abhishek Arya (Inferno) of Google\nChrome Security Team\nCVE-2011-3244 : vkouchna\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A cross-origin issue existed in the handling of URLs\nwith an embedded username. This issue is addressed through improved\nhandling of URLs with an embedded username. \nCVE-ID\nCVE-2011-0242 : Jobert Abma of Online24\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A cross-origin issue existed in the handling of DOM\nnodes. \nCVE-ID\nCVE-2011-1295 : Sergey Glazunov\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  A maliciously crafted website may be able to cause a\ndifferent URL to be shown in the address bar\nDescription:  A URL spoofing issue existed in the handling of the DOM\nhistory object. \nCVE-ID\nCVE-2011-1107 : Jordi Chancel\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription:  A configuration issue existed in WebKit\u0027s use of\nlibxslt. Visiting a maliciously crafted website may lead to arbitrary\nfiles being created with the privileges of the user, which may lead\nto arbitrary code execution. This issue is addressed through improved\nlibxslt security settings. \nCVE-ID\nCVE-2011-1774 : Nicolas Gregoire of Agarri\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a malicious website and dragging content in the\npage may lead to an information disclosure\nDescription:  A cross-origin issue existed in WebKit\u0027s handling of\nHTML5 drag and drop. This issue is addressed by disallowing drag and\ndrop across different origins. \nCVE-ID\nCVE-2011-0166 : Michal Zalewski of Google Inc. \n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to an\ninformation disclosure\nDescription:  A cross-origin issue existed in the handling of Web\nWorkers. \nCVE-ID\nCVE-2011-1190 : Daniel Divricean of divricean.ro\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A cross-origin issue existed in the handling of the\nwindow.open method. \nCVE-ID\nCVE-2011-2805 : Sergey Glazunov\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A cross-origin issue existed in the handling of\ninactive DOM windows. \nCVE-ID\nCVE-2011-3243 : Sergey Glazunov\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A cross-origin issue existed in the handling of the\ndocument.documentURI property. \nCVE-ID\nCVE-2011-2819 : Sergey Glazunov\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  A maliciously crafted website may be able to track the URLs\nthat a user visits within a frame\nDescription:  A cross-origin issue existed in the handling of the\nbeforeload event. \nCVE-ID\nCVE-2011-2800 : Juho Nurminen\n\nWiFi\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  WiFi credentials may be logged to a local file\nDescription:  WiFi credentials including the passphrase and\nencryption keys were logged to a file that was readable by\napplications on the system. This is resolved by no longer logging\nthese credentials. \nCVE-ID\nCVE-2011-3434 : Laurent OUDOT of TEHTRI Security\n\nInstallation note:\n\nThis update is only available through iTunes, and will not appear\nin your computer\u0027s Software Update application, or in the Apple\nDownloads site. Make sure you have an Internet connection and have\ninstalled the latest version of iTunes from www.apple.com/itunes/\n\niTunes will automatically check Apple\u0027s update server on its weekly\nschedule. When an update is detected, it will download it. When\nthe iPhone, iPod touch or iPad is docked, iTunes will present the\nuser with the option to install the update. We recommend applying\nthe update immediately if possible. Selecting Don\u0027t Install will\npresent the option the next time you connect your iPhone, iPod touch,\nor iPad. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes checks for updates. You may manually obtain the\nupdate via the Check for Updates button within iTunes. After doing\nthis, the update can be applied when your iPhone, iPod touch, or iPad\nis docked to your computer. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update will be\n\"5 (9A334)\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\n\niQEcBAEBAgAGBQJOldmtAAoJEGnF2JsdZQee/qMIAIPxmIiOqj+FMLFHZtPeC/Dp\n3s4JliKOOgNnjXkxErfaNvYGmeVbDaUER5jdVrWccTauzlYmy8G4uK0An2GD2YiP\ngB5AiCQXpONdBCi38QNdRqrYoYjc8Sa0nUp4r5uWPoiHoj5KfxvBpgygEL+zjHXS\nfmnrONOCWhOYp0w4q6mdTg5BH2uJCbXscD/JjbmgHQI0Vs/iUZKSRyqFo2b0Mvze\nNiSyzcj/4l62Cxx7xM9VbdrYL7Al2yyHfNYJQsZmoeDUlJQcdgEgEMXvOuhY3sFK\nmaxYr2oCp6Mtf53fplAeJIV4ijLynEWAKxTuTznAyW1k7oiGrDTfORSFKPEB9MQ=\n=LCQZ\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-0192"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001352"
      },
      {
        "db": "BID",
        "id": "46658"
      },
      {
        "db": "VULHUB",
        "id": "VHN-48137"
      },
      {
        "db": "PACKETSTORM",
        "id": "100027"
      },
      {
        "db": "PACKETSTORM",
        "id": "99031"
      },
      {
        "db": "PACKETSTORM",
        "id": "102606"
      },
      {
        "db": "PACKETSTORM",
        "id": "99337"
      },
      {
        "db": "PACKETSTORM",
        "id": "116799"
      },
      {
        "db": "PACKETSTORM",
        "id": "105737"
      },
      {
        "db": "PACKETSTORM",
        "id": "105736"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-0192",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "46658",
        "trust": 2.2
      },
      {
        "db": "SECUNIA",
        "id": "43593",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "43664",
        "trust": 1.1
      },
      {
        "db": "SECUNIA",
        "id": "50726",
        "trust": 1.1
      },
      {
        "db": "SECUNIA",
        "id": "43585",
        "trust": 1.1
      },
      {
        "db": "SECUNIA",
        "id": "44135",
        "trust": 1.1
      },
      {
        "db": "SECUNIA",
        "id": "43934",
        "trust": 1.1
      },
      {
        "db": "SECUNIA",
        "id": "44117",
        "trust": 1.1
      },
      {
        "db": "VUPEN",
        "id": "ADV-2011-0960",
        "trust": 1.1
      },
      {
        "db": "VUPEN",
        "id": "ADV-2011-0551",
        "trust": 1.1
      },
      {
        "db": "VUPEN",
        "id": "ADV-2011-0599",
        "trust": 1.1
      },
      {
        "db": "VUPEN",
        "id": "ADV-2011-0621",
        "trust": 1.1
      },
      {
        "db": "VUPEN",
        "id": "ADV-2011-0845",
        "trust": 1.1
      },
      {
        "db": "VUPEN",
        "id": "ADV-2011-0930",
        "trust": 1.1
      },
      {
        "db": "VUPEN",
        "id": "ADV-2011-0905",
        "trust": 1.1
      },
      {
        "db": "SECTRACK",
        "id": "1025153",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001352",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-112",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.2340",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "105737",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "99068",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-48137",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "100027",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "99031",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "102606",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "99337",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "116799",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "105736",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-48137"
      },
      {
        "db": "BID",
        "id": "46658"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001352"
      },
      {
        "db": "PACKETSTORM",
        "id": "100027"
      },
      {
        "db": "PACKETSTORM",
        "id": "99031"
      },
      {
        "db": "PACKETSTORM",
        "id": "102606"
      },
      {
        "db": "PACKETSTORM",
        "id": "99337"
      },
      {
        "db": "PACKETSTORM",
        "id": "116799"
      },
      {
        "db": "PACKETSTORM",
        "id": "105737"
      },
      {
        "db": "PACKETSTORM",
        "id": "105736"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-112"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0192"
      }
    ]
  },
  "id": "VAR-201103-0291",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-48137"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-29T20:58:59.314000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT4554",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4554"
      },
      {
        "title": "HT4566",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4566"
      },
      {
        "title": "HT4564",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4564"
      },
      {
        "title": "HT4565",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4565"
      },
      {
        "title": "HT4581",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4581"
      },
      {
        "title": "HT4566",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4566?viewlocale=ja_JP"
      },
      {
        "title": "HT4564",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4564?viewlocale=ja_JP"
      },
      {
        "title": "HT4565",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4565?viewlocale=ja_JP"
      },
      {
        "title": "HT4581",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4581?viewlocale=ja_JP"
      },
      {
        "title": "HT4554",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4554?viewlocale=ja_JP"
      },
      {
        "title": "FTP Directory",
        "trust": 0.8,
        "url": "ftp://ftp.remotesensing.org/pub/libtiff/"
      },
      {
        "title": "RHSA-2011:0318",
        "trust": 0.8,
        "url": "https://rhn.redhat.com/errata/RHSA-2011-0318.html"
      },
      {
        "title": "Multiple vulnerabilities in LibTIFF",
        "trust": 0.8,
        "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libtiff"
      },
      {
        "title": "iTunes 10.2",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=39588"
      },
      {
        "title": "iTunes 10.2 for Windows (64 bit)",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=39587"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001352"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-112"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-48137"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001352"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0192"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "http://www.securityfocus.com/bid/46658"
      },
      {
        "trust": 1.9,
        "url": "http://secunia.com/advisories/43593"
      },
      {
        "trust": 1.2,
        "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
      },
      {
        "trust": 1.1,
        "url": "http://lists.apple.com/archives/security-announce/2011/mar/msg00000.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.apple.com/archives/security-announce/2011//mar/msg00003.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.apple.com/archives/security-announce/2011//mar/msg00004.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.apple.com/archives/security-announce/2011//mar/msg00005.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.apple.com/archives/security-announce/2011/mar/msg00006.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.apple.com/archives/security-announce/2011//oct/msg00001.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.apple.com/archives/security-announce/2011//oct/msg00002.html"
      },
      {
        "trust": 1.1,
        "url": "http://blackberry.com/btsc/kb27244"
      },
      {
        "trust": 1.1,
        "url": "http://support.apple.com/kb/ht4554"
      },
      {
        "trust": 1.1,
        "url": "http://support.apple.com/kb/ht4564"
      },
      {
        "trust": 1.1,
        "url": "http://support.apple.com/kb/ht4565"
      },
      {
        "trust": 1.1,
        "url": "http://support.apple.com/kb/ht4566"
      },
      {
        "trust": 1.1,
        "url": "http://support.apple.com/kb/ht4581"
      },
      {
        "trust": 1.1,
        "url": "http://support.apple.com/kb/ht4999"
      },
      {
        "trust": 1.1,
        "url": "http://support.apple.com/kb/ht5001"
      },
      {
        "trust": 1.1,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"
      },
      {
        "trust": 1.1,
        "url": "http://www.debian.org/security/2011/dsa-2210"
      },
      {
        "trust": 1.1,
        "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-march/055683.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-march/055240.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-april/057840.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-april/057763.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2011:043"
      },
      {
        "trust": 1.1,
        "url": "http://www.redhat.com/support/errata/rhsa-2011-0318.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id?1025153"
      },
      {
        "trust": 1.1,
        "url": "http://secunia.com/advisories/43585"
      },
      {
        "trust": 1.1,
        "url": "http://secunia.com/advisories/43664"
      },
      {
        "trust": 1.1,
        "url": "http://secunia.com/advisories/43934"
      },
      {
        "trust": 1.1,
        "url": "http://secunia.com/advisories/44117"
      },
      {
        "trust": 1.1,
        "url": "http://secunia.com/advisories/44135"
      },
      {
        "trust": 1.1,
        "url": "http://secunia.com/advisories/50726"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2011/0551"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2011/0599"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2011/0621"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2011/0845"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2011/0905"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2011/0930"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2011/0960"
      },
      {
        "trust": 1.0,
        "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.587820"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0192"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu643615"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu867452"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu636925"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu574588"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu556020"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0192"
      },
      {
        "trust": 0.7,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0192"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.2340/"
      },
      {
        "trust": 0.4,
        "url": "http://www.apple.com/itunes/"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0191"
      },
      {
        "trust": 0.3,
        "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2297"
      },
      {
        "trust": 0.3,
        "url": "http://www.libtiff.org/"
      },
      {
        "trust": 0.3,
        "url": "http://support.avaya.com/css/p8/documents/100133190"
      },
      {
        "trust": 0.3,
        "url": "http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displaykc\u0026doctype=kc\u0026externalid=kb27244"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1167"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2630"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3087"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2595"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2482"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2483"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2597"
      },
      {
        "trust": 0.2,
        "url": "http://www.debian.org/security/faq"
      },
      {
        "trust": 0.2,
        "url": "http://www.debian.org/security/"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4.orig.tar.gz"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2598"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2.orig.tar.gz"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4.orig.tar.gz"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0216"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0241"
      },
      {
        "trust": 0.2,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.2,
        "url": "http://support.apple.com/kb/ht1222"
      },
      {
        "trust": 0.1,
        "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2011\u0026amp;m=slackware-security.587820"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.7.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.7_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.8.2-13ubuntu0.4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.7_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.4_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.9_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.7_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.9_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.1_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.4_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.4-2ubuntu0.1_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.4_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.9_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.9_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.1_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.7_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.9_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.7_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.7_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.7_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.9.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.9_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.4.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.7_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.7_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.9_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.7_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.7_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.4_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.9_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.4_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.4_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.4_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.9.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.4_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.2-2ubuntu0.4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.9_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.1_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.9_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.9_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.1_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.4_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.7_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.4_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.7_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.9_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.4_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.9_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.4_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.9_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.7.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.7_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.4_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.1_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.9_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.7_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.9_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.4_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.1.debian.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.9_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.7_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.1.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.7_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.7_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.4_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.7_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.9_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.9_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.4_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.7_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.4_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.4_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.4.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.7_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.4_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.7_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.7_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.4_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.4_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.7_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.4.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.4_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.4.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.4_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.7_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.4_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.9_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.4_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.8.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.4-2ubuntu0.2_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.2.debian.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.8.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.5.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.5.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.2.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.10.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/bugs/731540"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.5.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.5.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.8.2-13ubuntu0.5_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.10.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.2-2ubuntu0.5_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2443"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-5022"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2347"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3401"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1167"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2113"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2482"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2597"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3401"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2596"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2595"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2631"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2481"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1173"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2347"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2088"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2233"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2065"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2067"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4665"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0192"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2233"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2483"
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2088"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2065"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-5022"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2443"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2113"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1411"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2067"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2481"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4665"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1173"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2631"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2596"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2630"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1411"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3087"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3232"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3389"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3427"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3259"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0184"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0206"
      },
      {
        "trust": 0.1,
        "url": "https://www.trapkit.de"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0259"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0235"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0187"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0254"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0238"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0983"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1117"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1109"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1115"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0233"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0166"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0234"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0242"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0255"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0981"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0222"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1114"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0221"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1107"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0218"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0225"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0208"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0232"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-48137"
      },
      {
        "db": "BID",
        "id": "46658"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001352"
      },
      {
        "db": "PACKETSTORM",
        "id": "100027"
      },
      {
        "db": "PACKETSTORM",
        "id": "99031"
      },
      {
        "db": "PACKETSTORM",
        "id": "102606"
      },
      {
        "db": "PACKETSTORM",
        "id": "99337"
      },
      {
        "db": "PACKETSTORM",
        "id": "116799"
      },
      {
        "db": "PACKETSTORM",
        "id": "105737"
      },
      {
        "db": "PACKETSTORM",
        "id": "105736"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-112"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0192"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-48137"
      },
      {
        "db": "BID",
        "id": "46658"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001352"
      },
      {
        "db": "PACKETSTORM",
        "id": "100027"
      },
      {
        "db": "PACKETSTORM",
        "id": "99031"
      },
      {
        "db": "PACKETSTORM",
        "id": "102606"
      },
      {
        "db": "PACKETSTORM",
        "id": "99337"
      },
      {
        "db": "PACKETSTORM",
        "id": "116799"
      },
      {
        "db": "PACKETSTORM",
        "id": "105737"
      },
      {
        "db": "PACKETSTORM",
        "id": "105736"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-112"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0192"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-03-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-48137"
      },
      {
        "date": "2011-03-02T00:00:00",
        "db": "BID",
        "id": "46658"
      },
      {
        "date": "2011-04-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-001352"
      },
      {
        "date": "2011-04-04T16:47:55",
        "db": "PACKETSTORM",
        "id": "100027"
      },
      {
        "date": "2011-03-07T16:03:11",
        "db": "PACKETSTORM",
        "id": "99031"
      },
      {
        "date": "2011-06-27T23:06:48",
        "db": "PACKETSTORM",
        "id": "102606"
      },
      {
        "date": "2011-03-15T20:48:58",
        "db": "PACKETSTORM",
        "id": "99337"
      },
      {
        "date": "2012-09-24T15:01:54",
        "db": "PACKETSTORM",
        "id": "116799"
      },
      {
        "date": "2011-10-13T02:32:41",
        "db": "PACKETSTORM",
        "id": "105737"
      },
      {
        "date": "2011-10-13T02:28:22",
        "db": "PACKETSTORM",
        "id": "105736"
      },
      {
        "date": "2011-03-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201103-112"
      },
      {
        "date": "2011-03-03T20:00:02.643000",
        "db": "NVD",
        "id": "CVE-2011-0192"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-02-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-48137"
      },
      {
        "date": "2015-05-07T17:14:00",
        "db": "BID",
        "id": "46658"
      },
      {
        "date": "2012-04-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-001352"
      },
      {
        "date": "2020-07-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201103-112"
      },
      {
        "date": "2024-11-21T01:23:30.773000",
        "db": "NVD",
        "id": "CVE-2011-0192"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-112"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Apple Product  LIBTIFF Vulnerable to buffer overflow",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001352"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-112"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.