var-201209-0323
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors involving frames, aka "Universal XSS (UXSS).". Google Chrome Contains a cross-site scripting vulnerability. Attackers can exploit these issues to execute arbitrary code in the context of the browser, cause denial-of-service conditions, execute arbitrary script code in the browser of an unsuspecting user, or steal cookie-based authentication credentials; other attacks are also possible. Versions prior to Chrome 22.0.1229.79 are vulnerable. NOTE: The CVE-2012-2897 issue has been moved to BID 56457 (Microsoft Windows Kernel 'Win32k.sys' TrueType Font Parsing Remote Code Execution Vulnerability) to better document it. Google Chrome is a web browser developed by Google (Google). CVE-ID CVE-2013-0962 : Mario Heiderich of Cure53
For OS X Lion systems Safari 6.0.3 is available via the Apple Software Update application.
For OS X Mountain Lion systems Safari 6.0.3 is included with OS X v10.8.3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2013-01-28-1 iOS 6.1 Software Update
iOS 6.1 Software Update is now available and addresses the following:
Identity Services Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Authentication relying on certificate-based Apple ID authentication may be bypassed Description: An error handling issue existed in Identity Services. If the user's AppleID certificate failed to validate, the user's AppleID was assumed to be the empty string. If multiple systems belonging to different users enter this state, applications relying on this identity determination may erroneously extend trust. This issue was addressed by ensuring that NULL is returned instead of an empty string. CVE-ID CVE-2013-0963
International Components for Unicode Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A canonicalization issue existed in the handling of the EUC-JP encoding, which could lead to a cross-site scripting attack on EUC-JP encoded websites. This issue was addressed by updating the EUC-JP mapping table. CVE-ID CVE-2011-3058 : Masato Kinugawa
Kernel Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A user-mode process may be able to access the first page of kernel memory Description: The iOS kernel has checks to validate that the user- mode pointer and length passed to the copyin and copyout functions would not result in a user-mode process being able to directly access kernel memory. The checks were not being used if the length was smaller than one page. This issue was addressed through additional validation of the arguments to copyin and copyout. CVE-ID CVE-2013-0964 : Mark Dowd of Azimuth Security
Security Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: Several intermediate CA certificates were mistakenly issued by TURKTRUST. This may allow a man-in-the-middle attacker to redirect connections and intercept user credentials or other sensitive information. This issue was addressed by not allowing the incorrect SSL certificates.
StoreKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: JavaScript may be enabled in Mobile Safari without user interaction Description: If a user disabled JavaScript in Safari Preferences, visiting a site which displayed a Smart App Banner would re-enable JavaScript without warning the user. This issue was addressed by not enabling JavaScript when visiting a site with a Smart App Banner. CVE-ID CVE-2013-0974 : Andrew Plotkin of Zarfhome Software Consulting, Ben Madison of BitCloud, Marek Durcek
WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2012-2824 : miaubiz CVE-2012-2857 : Arthur Gerkis CVE-2012-3606 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3607 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3621 : Skylined of the Google Chrome Security Team CVE-2012-3632 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3687 : kuzzcc CVE-2012-3701 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0948 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0949 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0950 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0951 : Apple CVE-2013-0952 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0953 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0954 : Dominic Cooney of Google and Martin Barbella of the Google Chrome Security Team CVE-2013-0955 : Apple CVE-2013-0956 : Apple Product Security CVE-2013-0958 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0959 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0968 : Aaron Nelson
WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Copying and pasting content on a malicious website may lead to a cross-site scripting attack Description: A cross-site scripting issue existed in the handling of content pasted from a different origin. This issue was addressed through additional validation of pasted content. CVE-ID CVE-2013-0962 : Mario Heiderich of Cure53
WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-site scripting issue existed in the handling of frame elements. This issue was addressed through improved origin tracking. CVE-ID CVE-2012-2889 : Sergey Glazunov
WiFi Available for: iPhone 3GS, iPhone 4, iPod touch (4th generation), iPad 2 Impact: A remote attacker on the same WiFi network may be able to temporarily disable WiFi Description: An out of bounds read issue exists in Broadcom's BCM4325 and BCM4329 firmware's handling of 802.11i information elements. This issue was addressed through additional validation of 802.11i information elements. CVE-ID CVE-2012-2619 : Andres Blanco and Matias Eissler of Core Security
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "6.1".
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJRBffvAAoJEPefwLHPlZEwzYgP/0qhsTft9TUGuphoY9tth5WB D0+8pAKs+1HU+nMOaEKPbK+zdMxblhRNPQyhMuTAQaY5Z/iGn1EXVCTlQBO8esRW epxNZuhFoaW4wzK9kvw5d/HZ9tfq059ozlFOp1TI2D6J5RwNgxDfigt2PUKCTV4X u/BONQHIfINYMofgf5897LHYYFSU2+NJj5ouM5dY4Y/kfJkwAnG5AWCAGlEt3QOo MZdaVv3/itPj4te838FYCVAepel3xBWX0Hhuu87+waHslRrIfQl+EvNk3YZXxWiF O5Hw9Ng/H8n0sbeA39w0U8tw+q/wPhVexdULgRjBH65+6g7Cu5u+rMuYuRjl8fO/ glLhKZNSrQDa5ZNOraOrF62AFVByHaSxv4cZwo262/6uH93FIBtklMt947GMVQLC 1FT0CIGNJb1/0156bvsABfRScBtK9ZdIUjXhOHMinhQJX3qiBqyKc4/juYPmC9VC KXk2/K8b0sGWQRc5RuQsSpzkZF9WcrwmgGOBIghp2DLmbAAj0uh2Ttf1GdrOaajR XpZ2TTJ5qE+IHNU0/etroTYnzjKVjQ0pODrPZj7ALLXULTraXJRJy7fqraUzsHbi AZiRca+3x/S9nqV0NpTNPZgTwxenox10t0w5vhcBK+SPGga1oVRbtOjGtVIkgoG4 KI3sdgb6PtpZWuIJ6iZA =J2jv -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Google Chrome Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50759
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50759/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50759
RELEASE DATE: 2012-09-26
DISCUSS ADVISORY: http://secunia.com/advisories/50759/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50759/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50759
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
1) Certain unspecified input related to frame handling is not properly sanitised before being returned to the user.
2) Certain unspecified input within v8 bindings is not properly sanitised before being returned to the user.
3) An error exists within plugin handling and can be exploited to cause DOM tree corruption.
4) An error due to SSE2 optimizations can be exploited to cause a buffer overflow.
5) An error exists within Skia and can be exploited to cause an out-of-bounds write.
6) A use-after-free error exists within onclick handling.
7) A use-after-free error exists related to SVG text references.
8) An integer overflow error exists related to WebGL handling.
9) An unspecified error can be exploited to cause DOM topology corruption.
10) An error exists within Skia and can be exploited to cause an out-of-bounds write.
11) Some weaknesses exist in the PDF viewer.
12) A use-after-free error exists within the plug-in handling.
13) A race condition exists when handling plug-in paint buffers.
14) An error when handling OGG containers can be exploited to reference an invalid pointer.
15) A double-free error exists on exit.
16) A use-after-free error exists within the PDF viewer.
17) An unspecified error exists and can be exploited to bypass the pop-up block.
18) A double-free error exists within XSL transforms.
19) Some errors within the PDF viewer can be exploited to cause an out-of-bounds write.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1, 2) Sergey Glazunov 3) Chamal de Silva 4, 5, 6) Atte Kettunen, OUSPG 7, 8) miaubiz 9) pawlkt 10, 14) Inferno, Google Chrome Security Team 11, 16, 19) Mateusz Jurczyk, Google Security Team and Gynvael Coldwind, Google Security Team 12) Fermin Serna, Google Security Team 13, 17, 18) Cris Neckar, Google Chrome Security Team 15) Chromium development community
ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.dk/2012/09/stable-channel-update_25.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201210-07
http://security.gentoo.org/
Severity: Normal Title: Chromium: Multiple vulnerabilities Date: October 21, 2012 Bugs: #433551, #436234, #437664, #437984 ID: 201210-07
Synopsis
Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code.
Background
Chromium is an open source web browser project.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 22.0.1229.94 >= 22.0.1229.94
Description
Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted web site using Chromium, possibly resulting in the execution of arbitrary code with the privileges of the process, arbitrary file write, a Denial of Service condition, Cross-Site Scripting in SSL interstitial and various Universal Cross-Site Scripting attacks.
Workaround
There is no known workaround at this time.
Resolution
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-22.0.1229.94"
References
[ 1 ] CVE-2012-2859 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2859 [ 2 ] CVE-2012-2860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2860 [ 3 ] CVE-2012-2865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2865 [ 4 ] CVE-2012-2866 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2866 [ 5 ] CVE-2012-2867 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2867 [ 6 ] CVE-2012-2868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2868 [ 7 ] CVE-2012-2869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2869 [ 8 ] CVE-2012-2872 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2872 [ 9 ] CVE-2012-2874 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2874 [ 10 ] CVE-2012-2876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2876 [ 11 ] CVE-2012-2877 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2877 [ 12 ] CVE-2012-2878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2878 [ 13 ] CVE-2012-2879 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2879 [ 14 ] CVE-2012-2880 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2880 [ 15 ] CVE-2012-2881 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2881 [ 16 ] CVE-2012-2882 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2882 [ 17 ] CVE-2012-2883 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2883 [ 18 ] CVE-2012-2884 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2884 [ 19 ] CVE-2012-2885 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2885 [ 20 ] CVE-2012-2886 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2886 [ 21 ] CVE-2012-2887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2887 [ 22 ] CVE-2012-2888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2888 [ 23 ] CVE-2012-2889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2889 [ 24 ] CVE-2012-2891 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2891 [ 25 ] CVE-2012-2892 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2892 [ 26 ] CVE-2012-2894 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2894 [ 27 ] CVE-2012-2896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2896 [ 28 ] CVE-2012-2900 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2900 [ 29 ] CVE-2012-5108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5108 [ 30 ] CVE-2012-5110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5110 [ 31 ] CVE-2012-5111 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5111 [ 32 ] CVE-2012-5112 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5112 [ 33 ] CVE-2012-5376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5376 [ 34 ] Release Notes 21.0.1180.89
http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30= .html [ 35 ] Release Notes 22.0.1229.79
http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25= .html [ 36 ] Release Notes 22.0.1229.92
http://googlechromereleases.blogspot.com/2012/10/stable-channel-update.ht= ml [ 37 ] Release Notes 22.0.1229.94
http://googlechromereleases.blogspot.com/2012/10/stable-channel-update_61= 05.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201210-07.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201209-0323",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.58"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.14"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.48"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.52"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.53"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.21"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.49"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.29"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.50"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.51"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.28"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.32"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.57"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.54"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.65"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.26"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.31"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.22"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.33"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.64"
},
{
"model": "chrome",
"scope": "lte",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.78"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.76"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.55"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.56"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.20"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.16"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.36"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.59"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.67"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.60"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.25"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.17"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.24"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.62"
},
{
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.23"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.39"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.63"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.37"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "22.0.1229.27"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "22.0.1229.79"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6.1 (ipad 2 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6.1 (iphone 3gs or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6.1 (ipod touch first 4 after generation )"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6.0.3"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.83"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.168"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.75"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.60"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "19.0.1084.52"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.142"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.91275"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.96379"
},
{
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.78"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.2"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.56"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874.120"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.96365"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "19"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874.121"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.163"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.77"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.151"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.162"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874102"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.215"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.186"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.46"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.63"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.202"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "55676"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004628"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-599"
},
{
"db": "NVD",
"id": "CVE-2012-2889"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:google:chrome",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004628"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sergey Glazunov, Chamal de Silva, Atte Kettunen of OUSPG, miaubiz, Slawomir Blazek, Nir Moshe, pawlkt, Google Chrome Security Team (Inferno), Mateusz Jurczyk of Google Security Team, Gynvael Coldwind of Google Security Team, Fermin Serna of Google Security",
"sources": [
{
"db": "BID",
"id": "55676"
}
],
"trust": 0.3
},
"cve": "CVE-2012-2889",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2012-2889",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-56170",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-2889",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2012-2889",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201209-599",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-56170",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56170"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004628"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-599"
},
{
"db": "NVD",
"id": "CVE-2012-2889"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors involving frames, aka \"Universal XSS (UXSS).\". Google Chrome Contains a cross-site scripting vulnerability. \nAttackers can exploit these issues to execute arbitrary code in the context of the browser, cause denial-of-service conditions, execute arbitrary script code in the browser of an unsuspecting user, or steal cookie-based authentication credentials; other attacks are also possible. \nVersions prior to Chrome 22.0.1229.79 are vulnerable. \nNOTE: The CVE-2012-2897 issue has been moved to BID 56457 (Microsoft Windows Kernel \u0027Win32k.sys\u0027 TrueType Font Parsing Remote Code Execution Vulnerability) to better document it. Google Chrome is a web browser developed by Google (Google). \nCVE-ID\nCVE-2013-0962 : Mario Heiderich of Cure53\n\nFor OS X Lion systems Safari 6.0.3 is available via\nthe Apple Software Update application. \n\nFor OS X Mountain Lion systems Safari 6.0.3 is included with\nOS X v10.8.3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2013-01-28-1 iOS 6.1 Software Update\n\niOS 6.1 Software Update is now available and addresses the following:\n\nIdentity Services\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Authentication relying on certificate-based Apple ID\nauthentication may be bypassed\nDescription: An error handling issue existed in Identity Services. \nIf the user\u0027s AppleID certificate failed to validate, the user\u0027s\nAppleID was assumed to be the empty string. If multiple systems\nbelonging to different users enter this state, applications relying\non this identity determination may erroneously extend trust. This\nissue was addressed by ensuring that NULL is returned instead of an\nempty string. \nCVE-ID\nCVE-2013-0963\n\nInternational Components for Unicode\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A canonicalization issue existed in the handling of the\nEUC-JP encoding, which could lead to a cross-site scripting attack on\nEUC-JP encoded websites. This issue was addressed by updating the\nEUC-JP mapping table. \nCVE-ID\nCVE-2011-3058 : Masato Kinugawa\n\nKernel\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: A user-mode process may be able to access the first page of\nkernel memory\nDescription: The iOS kernel has checks to validate that the user-\nmode pointer and length passed to the copyin and copyout functions\nwould not result in a user-mode process being able to directly access\nkernel memory. The checks were not being used if the length was\nsmaller than one page. This issue was addressed through additional\nvalidation of the arguments to copyin and copyout. \nCVE-ID\nCVE-2013-0964 : Mark Dowd of Azimuth Security\n\nSecurity\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: An attacker with a privileged network position may intercept\nuser credentials or other sensitive information\nDescription: Several intermediate CA certificates were mistakenly\nissued by TURKTRUST. This may allow a man-in-the-middle attacker to\nredirect connections and intercept user credentials or other\nsensitive information. This issue was addressed by not allowing the\nincorrect SSL certificates. \n\nStoreKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: JavaScript may be enabled in Mobile Safari without user\ninteraction\nDescription: If a user disabled JavaScript in Safari Preferences,\nvisiting a site which displayed a Smart App Banner would re-enable\nJavaScript without warning the user. This issue was addressed by not\nenabling JavaScript when visiting a site with a Smart App Banner. \nCVE-ID\nCVE-2013-0974 : Andrew Plotkin of Zarfhome Software Consulting, Ben\nMadison of BitCloud, Marek Durcek\n\nWebKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2012-2824 : miaubiz\nCVE-2012-2857 : Arthur Gerkis\nCVE-2012-3606 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3607 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3621 : Skylined of the Google Chrome Security Team\nCVE-2012-3632 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3687 : kuzzcc\nCVE-2012-3701 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0948 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0949 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0950 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0951 : Apple\nCVE-2013-0952 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0953 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0954 : Dominic Cooney of Google and Martin Barbella of the\nGoogle Chrome Security Team\nCVE-2013-0955 : Apple\nCVE-2013-0956 : Apple Product Security\nCVE-2013-0958 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0959 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0968 : Aaron Nelson\n\nWebKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Copying and pasting content on a malicious website may lead\nto a cross-site scripting attack\nDescription: A cross-site scripting issue existed in the handling of\ncontent pasted from a different origin. This issue was addressed\nthrough additional validation of pasted content. \nCVE-ID\nCVE-2013-0962 : Mario Heiderich of Cure53\n\nWebKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-site scripting issue existed in the handling of\nframe elements. This issue was addressed through improved origin\ntracking. \nCVE-ID\nCVE-2012-2889 : Sergey Glazunov\n\nWiFi\nAvailable for: iPhone 3GS, iPhone 4, iPod touch (4th generation),\niPad 2\nImpact: A remote attacker on the same WiFi network may be able to\ntemporarily disable WiFi\nDescription: An out of bounds read issue exists in Broadcom\u0027s\nBCM4325 and BCM4329 firmware\u0027s handling of 802.11i information\nelements. This issue was addressed through additional validation of\n802.11i information elements. \nCVE-ID\nCVE-2012-2619 : Andres Blanco and Matias Eissler of Core Security\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"6.1\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJRBffvAAoJEPefwLHPlZEwzYgP/0qhsTft9TUGuphoY9tth5WB\nD0+8pAKs+1HU+nMOaEKPbK+zdMxblhRNPQyhMuTAQaY5Z/iGn1EXVCTlQBO8esRW\nepxNZuhFoaW4wzK9kvw5d/HZ9tfq059ozlFOp1TI2D6J5RwNgxDfigt2PUKCTV4X\nu/BONQHIfINYMofgf5897LHYYFSU2+NJj5ouM5dY4Y/kfJkwAnG5AWCAGlEt3QOo\nMZdaVv3/itPj4te838FYCVAepel3xBWX0Hhuu87+waHslRrIfQl+EvNk3YZXxWiF\nO5Hw9Ng/H8n0sbeA39w0U8tw+q/wPhVexdULgRjBH65+6g7Cu5u+rMuYuRjl8fO/\nglLhKZNSrQDa5ZNOraOrF62AFVByHaSxv4cZwo262/6uH93FIBtklMt947GMVQLC\n1FT0CIGNJb1/0156bvsABfRScBtK9ZdIUjXhOHMinhQJX3qiBqyKc4/juYPmC9VC\nKXk2/K8b0sGWQRc5RuQsSpzkZF9WcrwmgGOBIghp2DLmbAAj0uh2Ttf1GdrOaajR\nXpZ2TTJ5qE+IHNU0/etroTYnzjKVjQ0pODrPZj7ALLXULTraXJRJy7fqraUzsHbi\nAZiRca+3x/S9nqV0NpTNPZgTwxenox10t0w5vhcBK+SPGga1oVRbtOjGtVIkgoG4\nKI3sdgb6PtpZWuIJ6iZA\n=J2jv\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nGoogle Chrome Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50759\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50759/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50759\n\nRELEASE DATE:\n2012-09-26\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50759/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50759/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50759\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Google Chrome, where\nsome have an unknown impact and others can be exploited by malicious\npeople to conduct cross-site scripting attacks, bypass certain\nsecurity restrictions, and compromise a user\u0027s system. \n\n1) Certain unspecified input related to frame handling is not\nproperly sanitised before being returned to the user. \n\n2) Certain unspecified input within v8 bindings is not properly\nsanitised before being returned to the user. \n\n3) An error exists within plugin handling and can be exploited to\ncause DOM tree corruption. \n\n4) An error due to SSE2 optimizations can be exploited to cause a\nbuffer overflow. \n\n5) An error exists within Skia and can be exploited to cause an\nout-of-bounds write. \n\n6) A use-after-free error exists within onclick handling. \n\n7) A use-after-free error exists related to SVG text references. \n\n8) An integer overflow error exists related to WebGL handling. \n\n9) An unspecified error can be exploited to cause DOM topology\ncorruption. \n\n10) An error exists within Skia and can be exploited to cause an\nout-of-bounds write. \n\n11) Some weaknesses exist in the PDF viewer. \n\n12) A use-after-free error exists within the plug-in handling. \n\n13) A race condition exists when handling plug-in paint buffers. \n\n14) An error when handling OGG containers can be exploited to\nreference an invalid pointer. \n\n15) A double-free error exists on exit. \n\n16) A use-after-free error exists within the PDF viewer. \n\n17) An unspecified error exists and can be exploited to bypass the\npop-up block. \n\n18) A double-free error exists within XSL transforms. \n\n19) Some errors within the PDF viewer can be exploited to cause an\nout-of-bounds write. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n1, 2) Sergey Glazunov\n3) Chamal de Silva\n4, 5, 6) Atte Kettunen, OUSPG\n7, 8) miaubiz\n9) pawlkt\n10, 14) Inferno, Google Chrome Security Team\n11, 16, 19) Mateusz Jurczyk, Google Security Team and Gynvael\nColdwind, Google Security Team\n12) Fermin Serna, Google Security Team\n13, 17, 18) Cris Neckar, Google Chrome Security Team\n15) Chromium development community\n\nORIGINAL ADVISORY:\nGoogle:\nhttp://googlechromereleases.blogspot.dk/2012/09/stable-channel-update_25.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201210-07\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Chromium: Multiple vulnerabilities\n Date: October 21, 2012\n Bugs: #433551, #436234, #437664, #437984\n ID: 201210-07\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been reported in Chromium, some of which\nmay allow execution of arbitrary code. \n\nBackground\n==========\n\nChromium is an open source web browser project. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/chromium \u003c 22.0.1229.94 \u003e= 22.0.1229.94\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Chromium. Please\nreview the CVE identifiers and release notes referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted web\nsite using Chromium, possibly resulting in the execution of arbitrary\ncode with the privileges of the process, arbitrary file write, a Denial\nof Service condition, Cross-Site Scripting in SSL interstitial and\nvarious Universal Cross-Site Scripting attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-client/chromium-22.0.1229.94\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-2859\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2859\n[ 2 ] CVE-2012-2860\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2860\n[ 3 ] CVE-2012-2865\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2865\n[ 4 ] CVE-2012-2866\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2866\n[ 5 ] CVE-2012-2867\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2867\n[ 6 ] CVE-2012-2868\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2868\n[ 7 ] CVE-2012-2869\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2869\n[ 8 ] CVE-2012-2872\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2872\n[ 9 ] CVE-2012-2874\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2874\n[ 10 ] CVE-2012-2876\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2876\n[ 11 ] CVE-2012-2877\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2877\n[ 12 ] CVE-2012-2878\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2878\n[ 13 ] CVE-2012-2879\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2879\n[ 14 ] CVE-2012-2880\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2880\n[ 15 ] CVE-2012-2881\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2881\n[ 16 ] CVE-2012-2882\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2882\n[ 17 ] CVE-2012-2883\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2883\n[ 18 ] CVE-2012-2884\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2884\n[ 19 ] CVE-2012-2885\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2885\n[ 20 ] CVE-2012-2886\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2886\n[ 21 ] CVE-2012-2887\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2887\n[ 22 ] CVE-2012-2888\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2888\n[ 23 ] CVE-2012-2889\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2889\n[ 24 ] CVE-2012-2891\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2891\n[ 25 ] CVE-2012-2892\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2892\n[ 26 ] CVE-2012-2894\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2894\n[ 27 ] CVE-2012-2896\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2896\n[ 28 ] CVE-2012-2900\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2900\n[ 29 ] CVE-2012-5108\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5108\n[ 30 ] CVE-2012-5110\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5110\n[ 31 ] CVE-2012-5111\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5111\n[ 32 ] CVE-2012-5112\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5112\n[ 33 ] CVE-2012-5376\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5376\n[ 34 ] Release Notes 21.0.1180.89\n\nhttp://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30=\n.html\n[ 35 ] Release Notes 22.0.1229.79\n\nhttp://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25=\n.html\n[ 36 ] Release Notes 22.0.1229.92\n\nhttp://googlechromereleases.blogspot.com/2012/10/stable-channel-update.ht=\nml\n[ 37 ] Release Notes 22.0.1229.94\n\nhttp://googlechromereleases.blogspot.com/2012/10/stable-channel-update_61=\n05.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201210-07.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2889"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004628"
},
{
"db": "BID",
"id": "55676"
},
{
"db": "VULHUB",
"id": "VHN-56170"
},
{
"db": "PACKETSTORM",
"id": "120821"
},
{
"db": "PACKETSTORM",
"id": "119897"
},
{
"db": "PACKETSTORM",
"id": "116921"
},
{
"db": "PACKETSTORM",
"id": "117570"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2889",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVNVU95668478",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004628",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201209-599",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50759",
"trust": 0.7
},
{
"db": "BID",
"id": "55676",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-56170",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120821",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "119897",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116921",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117570",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56170"
},
{
"db": "BID",
"id": "55676"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004628"
},
{
"db": "PACKETSTORM",
"id": "120821"
},
{
"db": "PACKETSTORM",
"id": "119897"
},
{
"db": "PACKETSTORM",
"id": "116921"
},
{
"db": "PACKETSTORM",
"id": "117570"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-599"
},
{
"db": "NVD",
"id": "CVE-2012-2889"
}
]
},
"id": "VAR-201209-0323",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-56170"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:21:09.024000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2013-03-14-2",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2013/Mar/msg00003.html"
},
{
"title": "HT5642",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5642"
},
{
"title": "HT5671",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5671"
},
{
"title": "HT5642",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5642?viewlocale=ja_JP"
},
{
"title": "HT5671",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5671?viewlocale=ja_JP"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2012/09/stable-channel-update_25.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "openSUSE-SU-2012:1376",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html"
},
{
"title": "GoogleChrome23.0.1271.95",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44980"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004628"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-599"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56170"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004628"
},
{
"db": "NVD",
"id": "CVE-2012-2889"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html"
},
{
"trust": 1.7,
"url": "https://code.google.com/p/chromium/issues/detail?id=143439"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2013/jan/msg00000.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2013/mar/msg00003.html"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht5642"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15829"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78823"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2889"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu95668478/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2889"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50759"
},
{
"trust": 0.3,
"url": "http://www.google.com/chrome"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2889"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0956"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0954"
},
{
"trust": 0.2,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0955"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0948"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0959"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0952"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0958"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0949"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0962"
},
{
"trust": 0.2,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2857"
},
{
"trust": 0.2,
"url": "http://gpgtools.org"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0950"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0951"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2824"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0953"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0960"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3687"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3632"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3701"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0968"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3058"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0974"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0963"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50759/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50759/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.dk/2012/09/stable-channel-update_25.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50759"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2878"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2879"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2865"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2876"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2878"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2879"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2867"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2888"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2881"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2894"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2881"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2889"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2012/10/stable-channel-update.ht="
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201210-07.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2880"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2887"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30="
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2880"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2872"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2882"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2886"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2866"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25="
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2869"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2887"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2865"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2866"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5111"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2891"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2876"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2012/10/stable-channel-update_61="
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2885"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2900"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2867"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2892"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2885"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2896"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2886"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2896"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2891"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5108"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2892"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2888"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2877"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2874"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2883"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2877"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5110"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2874"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2894"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2872"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2869"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2859"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2859"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2882"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5112"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5376"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56170"
},
{
"db": "BID",
"id": "55676"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004628"
},
{
"db": "PACKETSTORM",
"id": "120821"
},
{
"db": "PACKETSTORM",
"id": "119897"
},
{
"db": "PACKETSTORM",
"id": "116921"
},
{
"db": "PACKETSTORM",
"id": "117570"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-599"
},
{
"db": "NVD",
"id": "CVE-2012-2889"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-56170"
},
{
"db": "BID",
"id": "55676"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004628"
},
{
"db": "PACKETSTORM",
"id": "120821"
},
{
"db": "PACKETSTORM",
"id": "119897"
},
{
"db": "PACKETSTORM",
"id": "116921"
},
{
"db": "PACKETSTORM",
"id": "117570"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-599"
},
{
"db": "NVD",
"id": "CVE-2012-2889"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-09-26T00:00:00",
"db": "VULHUB",
"id": "VHN-56170"
},
{
"date": "2012-09-25T00:00:00",
"db": "BID",
"id": "55676"
},
{
"date": "2012-09-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004628"
},
{
"date": "2013-03-15T22:28:44",
"db": "PACKETSTORM",
"id": "120821"
},
{
"date": "2013-01-30T02:53:29",
"db": "PACKETSTORM",
"id": "119897"
},
{
"date": "2012-09-26T11:13:37",
"db": "PACKETSTORM",
"id": "116921"
},
{
"date": "2012-10-22T01:32:56",
"db": "PACKETSTORM",
"id": "117570"
},
{
"date": "2012-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-599"
},
{
"date": "2012-09-26T10:56:04.903000",
"db": "NVD",
"id": "CVE-2012-2889"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-56170"
},
{
"date": "2015-03-19T09:22:00",
"db": "BID",
"id": "55676"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004628"
},
{
"date": "2012-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-599"
},
{
"date": "2024-11-21T01:39:50.517000",
"db": "NVD",
"id": "CVE-2012-2889"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-599"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Used in multiple products WebKit Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004628"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "120821"
},
{
"db": "PACKETSTORM",
"id": "116921"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-599"
}
],
"trust": 0.8
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.