Summary
| Detail | |||
|---|---|---|---|
| Vendor | Redhat | First view | 2014-01-15 |
| Product | Enterprise Linux Server Supplementary | Last view | 2016-04-14 |
| Version | 5.0 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:redhat:enterprise_linux_server_supplementary | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 8.8 | 2016-04-14 | CVE-2015-8540 | Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read. |
| 5 | 2015-04-14 | CVE-2015-3040 | Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-0357. |
| 10 | 2015-04-14 | CVE-2015-3039 | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-0358. |
| 10 | 2015-04-14 | CVE-2015-0358 | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-3039. |
| 10 | 2015-04-14 | CVE-2015-0348 | Buffer overflow in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors. |
| 10 | 2015-04-14 | CVE-2015-0346 | Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0359. |
| 3.4 | 2014-10-14 | CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. |
| 5.1 | 2014-01-15 | CVE-2014-0418 | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0424. |
| 4.3 | 2014-01-15 | CVE-2014-0382 | Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect availability via unknown vectors related to JavaFX. |
| 5.1 | 2014-01-15 | CVE-2013-5906 | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5905. |
| 6.8 | 2014-01-15 | CVE-2013-5904 | Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. |
| 5 | 2014-01-15 | CVE-2013-5895 | Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX. |
| 6.8 | 2014-01-15 | CVE-2013-5870 | Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 25% (1) | CWE-310 | Cryptographic Issues |
| 25% (1) | CWE-200 | Information Exposure |
| 25% (1) | CWE-189 | Numeric Errors |
| 25% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OpenVAS Exploits
| id | Description |
|---|---|
| 2014-10-16 | Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0154 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity: Category I - VMSKEY: V0061081 |
| 2015-B-0014 | Multiple Vulnerabilities in VMware ESXi 5.5 Severity: Category I - VMSKEY: V0058513 |
| 2015-B-0013 | Multiple Vulnerabilities in VMware ESXi 5.1 Severity: Category I - VMSKEY: V0058515 |
| 2015-B-0012 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0058517 |
| 2014-A-0010 | Multiple Vulnerabilities in Oracle Java SE Severity: Category I - VMSKEY: V0043398 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2018-02-03 | Adobe Flash Player ConvolutionFilter Matrix use after free attempt RuleID : 45310 - Type : FILE-FLASH - Revision : 1 |
| 2018-02-03 | Adobe Flash Player ConvolutionFilter Matrix use after free attempt RuleID : 45309 - Type : FILE-FLASH - Revision : 1 |
| 2015-05-28 | Adobe Flash Player Sound.extract integer overflow attempt RuleID : 34279 - Type : FILE-FLASH - Revision : 2 |
| 2015-05-28 | Adobe Flash Player Sound.extract integer overflow attempt RuleID : 34278 - Type : FILE-FLASH - Revision : 3 |
| 2015-05-28 | Adobe Flash Player Sound.extract integer overflow attempt RuleID : 34277 - Type : FILE-FLASH - Revision : 2 |
| 2015-05-28 | Adobe Flash Player Sound.extract integer overflow attempt RuleID : 34276 - Type : FILE-FLASH - Revision : 2 |
| 2015-05-28 | Adobe Flash Player flash settings manager double free attempt RuleID : 34260 - Type : FILE-FLASH - Revision : 3 |
| 2015-05-28 | Adobe Flash Player flash settings manager double free attempt RuleID : 34259 - Type : FILE-FLASH - Revision : 2 |
| 2015-05-28 | Adobe Flash Player flash settings manager double free attempt RuleID : 34258 - Type : FILE-FLASH - Revision : 2 |
| 2015-05-28 | Adobe Flash Player flash settings manager double free attempt RuleID : 34257 - Type : FILE-FLASH - Revision : 3 |
| 2015-05-28 | Adobe Flash Player flash settings manager double free attempt RuleID : 34256 - Type : FILE-FLASH - Revision : 2 |
| 2015-05-28 | Adobe Flash Player flash settings manager double free attempt RuleID : 34255 - Type : FILE-FLASH - Revision : 2 |
| 2015-05-28 | Adobe Flash Player potential information disclosure attempt RuleID : 34235 - Type : FILE-FLASH - Revision : 3 |
| 2015-05-28 | Adobe Flash Player potential information disclosure attempt RuleID : 34234 - Type : FILE-FLASH - Revision : 3 |
| 2015-05-28 | Adobe Flash Player potential information disclosure attempt RuleID : 34233 - Type : FILE-FLASH - Revision : 3 |
| 2015-05-28 | Adobe Flash Player potential information disclosure attempt RuleID : 34232 - Type : FILE-FLASH - Revision : 3 |
| 2015-05-21 | Adobe Flash Player TextField filter use-after-free attempt RuleID : 34175 - Type : FILE-FLASH - Revision : 3 |
| 2015-05-21 | Adobe Flash Player TextField filter use-after-free attempt RuleID : 34174 - Type : FILE-FLASH - Revision : 3 |
| 2015-05-21 | Adobe Flash Player TextField filter use-after-free attempt RuleID : 34173 - Type : FILE-FLASH - Revision : 2 |
| 2015-05-21 | Adobe Flash Player TextField filter use-after-free attempt RuleID : 34172 - Type : FILE-FLASH - Revision : 2 |
| 2014-12-18 | SSLv3 CBC client connection attempt RuleID : 32566 - Type : POLICY-OTHER - Revision : 2 |
| 2014-11-19 | SSLv3 POODLE CBC padding brute force attempt RuleID : 32205 - Type : SERVER-OTHER - Revision : 5 |
| 2014-11-19 | SSLv3 POODLE CBC padding brute force attempt RuleID : 32204 - Type : SERVER-OTHER - Revision : 5 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2017-12-07 | Name: The remote host is potentially affected by an SSL/TLS vulnerability. File: check_point_gaia_sk103683.nasl - Type: ACT_GATHER_INFO |
| 2017-07-20 | Name: The remote database server is affected by multiple vulnerabilities. File: oracle_rdbms_cpu_jul_2017.nasl - Type: ACT_GATHER_INFO |
| 2017-04-18 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2017-477.nasl - Type: ACT_GATHER_INFO |
| 2017-04-12 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2017-459.nasl - Type: ACT_GATHER_INFO |
| 2017-04-07 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2017-0950-1.nasl - Type: ACT_GATHER_INFO |
| 2017-04-06 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2017-441.nasl - Type: ACT_GATHER_INFO |
| 2017-04-03 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2017-0901-1.nasl - Type: ACT_GATHER_INFO |
| 2017-03-30 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2017-0860-1.nasl - Type: ACT_GATHER_INFO |
| 2017-01-10 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_03532a19d68e11e6917114dae9d210b8.nasl - Type: ACT_GATHER_INFO |
| 2016-11-23 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-1339.nasl - Type: ACT_GATHER_INFO |
| 2016-11-15 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201611-08.nasl - Type: ACT_GATHER_INFO |
| 2016-10-31 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-1243.nasl - Type: ACT_GATHER_INFO |
| 2016-09-28 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-2396-1.nasl - Type: ACT_GATHER_INFO |
| 2016-09-19 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-2329-1.nasl - Type: ACT_GATHER_INFO |
| 2016-09-13 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-2285-1.nasl - Type: ACT_GATHER_INFO |
| 2016-08-02 | Name: The remote Debian host is missing a security update. File: debian_DLA-375-1.nasl - Type: ACT_GATHER_INFO |
| 2016-07-19 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2016-1430.nasl - Type: ACT_GATHER_INFO |
| 2016-06-27 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201606-11.nasl - Type: ACT_GATHER_INFO |
| 2016-06-17 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-1457-1.nasl - Type: ACT_GATHER_INFO |
| 2016-05-13 | Name: A web application running on the remote host is affected by multiple vulnerab... File: solarwinds_srm_profiler_6_2_3.nasl - Type: ACT_GATHER_INFO |
| 2016-04-14 | Name: The application installed on the remote host is affected by an information di... File: ibm_domino_swg21693142.nasl - Type: ACT_GATHER_INFO |
| 2016-03-17 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-0776-1.nasl - Type: ACT_GATHER_INFO |
| 2016-03-16 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-0770-1.nasl - Type: ACT_GATHER_INFO |
| 2016-03-04 | Name: The remote Fedora host is missing a security update. File: fedora_2015-0a543024bf.nasl - Type: ACT_GATHER_INFO |
| 2016-03-04 | Name: The remote Fedora host is missing a security update. File: fedora_2015-3868cfa17b.nasl - Type: ACT_GATHER_INFO |
