VMSA-2009-0010

Executive Summary

Summary
Title	VMware Hosted products update libpng and Apache HTTP Server

Informations
Name	VMSA-2009-0010	First vendor Publication	2009-08-20
Vendor	VMware	Last vendor Modification	2009-08-20
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score	6.8	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

a. Third Party Library libpng Updated to 1.2.35

Several flaws were discovered in the way third party library libpng handled uninitialized pointers. An attacker could create a PNG image file in such a way, that when loaded by an application linked to libpng, it could cause the application to crash or execute arbitrary code at the privilege level of the user that runs the application.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-0040 to this issue.

b. Apache HTTP Server updated to 2.0.63

The new version of ACE updates the Apache HTTP Server on Windows hosts to version 2.0.63 which addresses multiple security issues that existed in the previous versions of this server.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752, CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the issues that have been addressed by this update.

Original Source

Url : http://www.vmware.com/security/advisories/VMSA-2009-0010.html

CAPEC : Common Attack Pattern Enumeration & Classification

id	Name
CAPEC-18	Embedding Scripts in Nonscript Elements
CAPEC-63	Simple Script Injection
CAPEC-73	User-Controlled Filename
CAPEC-81	Web Logs Tampering
CAPEC-85	Client Network Footprinting (using AJAX/XSS)
CAPEC-86	Embedding Script (XSS ) in HTTP Headers
CAPEC-104	Cross Zone Scripting

CWE : Common Weakness Enumeration

id	Name
CWE-116	Improper Encoding or Escaping of Output
CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting')
CWE-94	Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10154

Oval ID:	oval:org.mitre.oval:def:10154
Title:	Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.
Description:	Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2006-5752	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section httpd-devel is earlier than 0:2.0.46-67.ent AND mod_ssl is earlier than 1:2.0.46-67.ent AND httpd is earlier than 0:2.0.46-67.ent OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section httpd-suexec is earlier than 0:2.0.52-32.2.ent AND httpd-manual is earlier than 0:2.0.52-32.2.ent AND httpd-devel is earlier than 0:2.0.52-32.2.ent AND mod_ssl is earlier than 1:2.0.52-32.2.ent AND httpd is earlier than 0:2.0.52-32.2.ent OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section httpd-manual is earlier than 0:2.2.3-7.el5 AND httpd-devel is earlier than 0:2.2.3-7.el5 AND mod_ssl is earlier than 1:2.2.3-7.el5 AND httpd is earlier than 0:2.2.3-7.el5

Definition Id: oval:org.mitre.oval:def:9824

Oval ID:	oval:org.mitre.oval:def:9824
Title:	cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.
Description:	cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-1863	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section httpd-devel is earlier than 0:2.0.46-67.ent AND mod_ssl is earlier than 1:2.0.46-67.ent AND httpd is earlier than 0:2.0.46-67.ent OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section httpd-suexec is earlier than 0:2.0.52-32.2.ent AND httpd-manual is earlier than 0:2.0.52-32.2.ent AND httpd-devel is earlier than 0:2.0.52-32.2.ent AND mod_ssl is earlier than 1:2.0.52-32.2.ent AND httpd is earlier than 0:2.0.52-32.2.ent OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section httpd-manual is earlier than 0:2.2.3-7.el5 AND httpd-devel is earlier than 0:2.2.3-7.el5 AND mod_ssl is earlier than 1:2.2.3-7.el5 AND httpd is earlier than 0:2.2.3-7.el5

Definition Id: oval:org.mitre.oval:def:11589

Oval ID:	oval:org.mitre.oval:def:11589
Title:	Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."
Description:	Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-3304	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section httpd-devel is earlier than 0:2.0.46-68.ent AND mod_ssl is earlier than 1:2.0.46-68.ent AND httpd is earlier than 0:2.0.46-68.ent OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section httpd-suexec is earlier than 0:2.0.52-32.3.ent AND httpd-manual is earlier than 0:2.0.52-32.3.ent AND httpd-devel is earlier than 0:2.0.52-32.3.ent AND mod_ssl is earlier than 1:2.0.52-32.3.ent AND httpd is earlier than 0:2.0.52-32.3.ent OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section httpd-manual is earlier than 0:2.2.3-7.el5 AND httpd-devel is earlier than 0:2.2.3-7.el5 AND mod_ssl is earlier than 1:2.2.3-7.el5 AND httpd is earlier than 0:2.2.3-7.el5

Definition Id: oval:org.mitre.oval:def:10525

Oval ID:	oval:org.mitre.oval:def:10525
Title:	The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
Description:	The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-3847	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section httpd-devel is earlier than 0:2.0.46-70.ent AND mod_ssl is earlier than 0:2.0.46-70.ent AND httpd is earlier than 0:2.0.46-70.ent OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section httpd-suexec is earlier than 0:2.0.52-38.ent AND httpd-manual is earlier than 0:2.0.52-38.ent AND httpd-devel is earlier than 0:2.0.52-38.ent AND mod_ssl is earlier than 1:2.0.52-38.ent AND httpd is earlier than 0:2.0.52-38.ent OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section httpd-manual is earlier than 0:2.2.3-11.el5 AND httpd-devel is earlier than 0:2.2.3-11.el5 AND mod_ssl is earlier than 1:2.2.3-11.el5 AND httpd is earlier than 0:2.2.3-11.el5

Definition Id: oval:org.mitre.oval:def:9539

Oval ID:	oval:org.mitre.oval:def:9539
Title:	Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Description:	Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-5000	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section httpd-devel is earlier than 0:2.0.46-70.ent AND mod_ssl is earlier than 0:2.0.46-70.ent AND httpd is earlier than 0:2.0.46-70.ent OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section httpd-suexec is earlier than 0:2.0.52-38.ent.2 AND httpd-manual is earlier than 0:2.0.52-38.ent.2 AND httpd-devel is earlier than 0:2.0.52-38.ent.2 AND mod_ssl is earlier than 0:2.0.52-38.ent.2 AND httpd is earlier than 0:2.0.52-38.ent.2 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section httpd-manual is earlier than 0:2.2.3-11.el5_1.3 AND httpd-devel is earlier than 0:2.2.3-11.el5_1.3 AND mod_ssl is earlier than 0:2.2.3-11.el5_1.3 AND httpd is earlier than 0:2.2.3-11.el5_1.3

Definition Id: oval:org.mitre.oval:def:10272

Oval ID:	oval:org.mitre.oval:def:10272
Title:	Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Description:	Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-6388	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section httpd-devel is earlier than 0:2.0.46-70.ent AND mod_ssl is earlier than 0:2.0.46-70.ent AND httpd is earlier than 0:2.0.46-70.ent OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section httpd-suexec is earlier than 0:2.0.52-38.ent.2 AND httpd-manual is earlier than 0:2.0.52-38.ent.2 AND httpd-devel is earlier than 0:2.0.52-38.ent.2 AND mod_ssl is earlier than 0:2.0.52-38.ent.2 AND httpd is earlier than 0:2.0.52-38.ent.2 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section httpd-manual is earlier than 0:2.2.3-11.el5_1.3 AND httpd-devel is earlier than 0:2.2.3-11.el5_1.3 AND mod_ssl is earlier than 0:2.2.3-11.el5_1.3 AND httpd is earlier than 0:2.2.3-11.el5_1.3

Definition Id: oval:org.mitre.oval:def:10812

Oval ID:	oval:org.mitre.oval:def:10812
Title:	mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
Description:	mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-0005	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section httpd-devel is earlier than 0:2.0.46-70.ent AND mod_ssl is earlier than 0:2.0.46-70.ent AND httpd is earlier than 0:2.0.46-70.ent OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section httpd-suexec is earlier than 0:2.0.52-38.ent.2 AND httpd-manual is earlier than 0:2.0.52-38.ent.2 AND httpd-devel is earlier than 0:2.0.52-38.ent.2 AND mod_ssl is earlier than 0:2.0.52-38.ent.2 AND httpd is earlier than 0:2.0.52-38.ent.2 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section httpd-manual is earlier than 0:2.2.3-11.el5_1.3 AND httpd-devel is earlier than 0:2.2.3-11.el5_1.3 AND mod_ssl is earlier than 0:2.2.3-11.el5_1.3 AND httpd is earlier than 0:2.2.3-11.el5_1.3

Definition Id: oval:org.mitre.oval:def:6458

Oval ID:	oval:org.mitre.oval:def:6458
Title:	Libpng Library Uninitialized Pointer Arrays Memory Corruption Vulnerability
Description:	The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-0040	Version:	1
Platform(s):	VMWare ESX Server 3 VMWare ESX Server 3.5	Product(s):
Definition Synopsis:
IF VMWare ESX Server 3.0.3 is installed AND Patch ESX303-200905401-SG is not installed OR VMWare ESX Server 3.0.2 is installed AND Patch ESX-1008420 is not installed OR VMware ESX Server 3.5.0 is installed AND Patch ESX350-200904401-BG is not installed

Definition Id: oval:org.mitre.oval:def:10316

Oval ID:	oval:org.mitre.oval:def:10316
Title:	The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
Description:	The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-0040	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section libpng10-devel is earlier than 0:1.0.13-20 AND seamonkey-nspr is earlier than 0:1.0.9-0.34.el3 AND seamonkey-js-debugger is earlier than 0:1.0.9-0.34.el3 AND libpng-devel is earlier than 2:1.2.2-29 AND seamonkey-nss-devel is earlier than 0:1.0.9-0.34.el3 AND seamonkey is earlier than 0:1.0.9-0.34.el3 AND libpng10 is earlier than 0:1.0.13-20 AND seamonkey-nspr-devel is earlier than 0:1.0.9-0.34.el3 AND seamonkey-mail is earlier than 0:1.0.9-0.34.el3 AND seamonkey-chat is earlier than 0:1.0.9-0.34.el3 AND seamonkey-nss is earlier than 0:1.0.9-0.34.el3 AND libpng is earlier than 2:1.2.2-29 AND seamonkey-devel is earlier than 0:1.0.9-0.34.el3 AND seamonkey-dom-inspector is earlier than 0:1.0.9-0.34.el3 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section libpng10-devel is earlier than 0:1.0.16-3.el4_7.3 AND seamonkey-js-debugger is earlier than 0:1.0.9-38.el4 AND libpng-devel is earlier than 2:1.2.7-3.el4_7.2 AND seamonkey is earlier than 0:1.0.9-38.el4 AND libpng10 is earlier than 0:1.0.16-3.el4_7.3 AND firefox is earlier than 0:3.0.7-1.el4 AND seamonkey-mail is earlier than 0:1.0.9-38.el4 AND seamonkey-chat is earlier than 0:1.0.9-38.el4 AND seamonkey-dom-inspector is earlier than 0:1.0.9-38.el4 AND libpng is earlier than 2:1.2.7-3.el4_7.2 AND seamonkey-devel is earlier than 0:1.0.9-38.el4 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section xulrunner-devel-unstable is earlier than 0:1.9.0.7-1.el5 AND xulrunner-devel is earlier than 0:1.9.0.7-1.el5 AND firefox is earlier than 0:3.0.7-1.el5 AND libpng-devel is earlier than 2:1.2.10-7.1.el5_3.2 AND xulrunner is earlier than 0:1.9.0.7-1.el5 AND libpng is earlier than 2:1.2.10-7.1.el5_3.2

CPE : Common Platform Enumeration

Type	Description	Count
Application	Apache Http Server cpe:/a:apache:http_server:2.3.0 cpe:/a:apache:http_server:2.2.6 cpe:/a:apache:http_server:2.2.5 cpe:/a:apache:http_server:2.2.4 cpe:/a:apache:http_server:2.2.3 cpe:/a:apache:http_server:2.2.2 cpe:/a:apache:http_server:2.2.1 cpe:/a:apache:http_server:2.2.0 cpe:/a:apache:http_server:2.2 cpe:/a:apache:http_server:2.0.61 cpe:/a:apache:http_server:2.0.60 cpe:/a:apache:http_server:2.0.59 cpe:/a:apache:http_server:2.0.58 cpe:/a:apache:http_server:2.0.57 cpe:/a:apache:http_server:2.0.56 cpe:/a:apache:http_server:2.0.55 cpe:/a:apache:http_server:2.0.54 cpe:/a:apache:http_server:2.0.53 cpe:/a:apache:http_server:2.0.52 cpe:/a:apache:http_server:2.0.51 cpe:/a:apache:http_server:2.0.50 cpe:/a:apache:http_server:2.0.49 cpe:/a:apache:http_server:2.0.48 cpe:/a:apache:http_server:2.0.47 cpe:/a:apache:http_server:2.0.46 cpe:/a:apache:http_server:2.0.45 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.35 cpe:/a:apache:http_server:2.0 cpe:/a:apache:http_server:1.3.9 cpe:/a:apache:http_server:1.3.8 cpe:/a:apache:http_server:1.3.7 cpe:/a:apache:http_server:1.3.6 cpe:/a:apache:http_server:1.3.5 cpe:/a:apache:http_server:1.3.4 cpe:/a:apache:http_server:1.3.39 cpe:/a:apache:http_server:1.3.38 cpe:/a:apache:http_server:1.3.37 cpe:/a:apache:http_server:1.3.33 cpe:/a:apache:http_server:1.3.32 cpe:/a:apache:http_server:1.3.31 cpe:/a:apache:http_server:1.3.30 cpe:/a:apache:http_server:1.3.3 cpe:/a:apache:http_server:1.3.29 cpe:/a:apache:http_server:1.3.28 cpe:/a:apache:http_server:1.3.27 cpe:/a:apache:http_server:1.3.26 cpe:/a:apache:http_server:1.3.25 cpe:/a:apache:http_server:1.3.24 cpe:/a:apache:http_server:1.3.23 cpe:/a:apache:http_server:1.3.22 cpe:/a:apache:http_server:1.3.2 cpe:/a:apache:http_server:1.3.12 cpe:/a:apache:http_server:1.3.11 cpe:/a:apache:http_server:1.3.1 cpe:/a:apache:http_server:1.3.0 cpe:/a:apache:http_server:1.3	65
Application	Libpng Libpng cpe:/a:libpng:libpng:1.2.9:rc1 cpe:/a:libpng:libpng:1.2.9:beta3 cpe:/a:libpng:libpng:1.2.9:beta9 cpe:/a:libpng:libpng:1.2.9:beta10 cpe:/a:libpng:libpng:1.2.9:beta7 cpe:/a:libpng:libpng:1.2.9:beta6 cpe:/a:libpng:libpng:1.2.9:beta2 cpe:/a:libpng:libpng:1.2.9:beta8 cpe:/a:libpng:libpng:1.2.9 cpe:/a:libpng:libpng:1.2.9:beta1 cpe:/a:libpng:libpng:1.2.9:beta5 cpe:/a:libpng:libpng:1.2.9:beta4 cpe:/a:libpng:libpng:1.2.8:rc2 cpe:/a:libpng:libpng:1.2.8:rc4 cpe:/a:libpng:libpng:1.2.8:beta4 cpe:/a:libpng:libpng:1.2.8:beta3 cpe:/a:libpng:libpng:1.2.8:beta5 cpe:/a:libpng:libpng:1.2.8:beta2 cpe:/a:libpng:libpng:1.2.8:beta1 cpe:/a:libpng:libpng:1.2.8:rc5 cpe:/a:libpng:libpng:1.2.8:rc3 cpe:/a:libpng:libpng:1.2.8 cpe:/a:libpng:libpng:1.2.8:rc1 cpe:/a:libpng:libpng:1.2.7:beta2 cpe:/a:libpng:libpng:1.2.7 cpe:/a:libpng:libpng:1.2.7:beta1 cpe:/a:libpng:libpng:1.2.6:beta1 cpe:/a:libpng:libpng:1.2.6:rc5 cpe:/a:libpng:libpng:1.2.6:rc2 cpe:/a:libpng:libpng:1.2.6:beta3 cpe:/a:libpng:libpng:1.2.6:rc4 cpe:/a:libpng:libpng:1.2.6:rc1 cpe:/a:libpng:libpng:1.2.6:beta4 cpe:/a:libpng:libpng:1.2.6:rc3 cpe:/a:libpng:libpng:1.2.6 cpe:/a:libpng:libpng:1.2.6:beta2 cpe:/a:libpng:libpng:1.2.5 cpe:/a:libpng:libpng:1.2.5:beta1 cpe:/a:libpng:libpng:1.2.5:rc1 cpe:/a:libpng:libpng:1.2.5:rc2 cpe:/a:libpng:libpng:1.2.5:beta2 cpe:/a:libpng:libpng:1.2.5:beta3 cpe:/a:libpng:libpng:1.2.5:rc3 cpe:/a:libpng:libpng:1.2.4:rc1 cpe:/a:libpng:libpng:1.2.4:beta1 cpe:/a:libpng:libpng:1.2.4 cpe:/a:libpng:libpng:1.2.4:beta3 cpe:/a:libpng:libpng:1.2.4:beta2 cpe:/a:libpng:libpng:1.2.34 cpe:/a:libpng:libpng:1.2.33 cpe:/a:libpng:libpng:1.2.32 cpe:/a:libpng:libpng:1.2.31 cpe:/a:libpng:libpng:1.2.30 cpe:/a:libpng:libpng:1.2.3:rc3 cpe:/a:libpng:libpng:1.2.3:rc4 cpe:/a:libpng:libpng:1.2.3:rc5 cpe:/a:libpng:libpng:1.2.3:rc2 cpe:/a:libpng:libpng:1.2.3:rc1 cpe:/a:libpng:libpng:1.2.3 cpe:/a:libpng:libpng:1.2.3:rc6 cpe:/a:libpng:libpng:1.2.29 cpe:/a:libpng:libpng:1.2.28 cpe:/a:libpng:libpng:1.2.27 cpe:/a:libpng:libpng:1.2.26:rc01 cpe:/a:libpng:libpng:1.2.26:beta04 cpe:/a:libpng:libpng:1.2.26:beta06 cpe:/a:libpng:libpng:1.2.26:beta03 cpe:/a:libpng:libpng:1.2.26:beta02 cpe:/a:libpng:libpng:1.2.26 cpe:/a:libpng:libpng:1.2.26:beta05 cpe:/a:libpng:libpng:1.2.26:beta01 cpe:/a:libpng:libpng:1.2.25:rc01 cpe:/a:libpng:libpng:1.2.25:beta05 cpe:/a:libpng:libpng:1.2.25:beta04 cpe:/a:libpng:libpng:1.2.25:rc02 cpe:/a:libpng:libpng:1.2.25:beta06 cpe:/a:libpng:libpng:1.2.25:beta03 cpe:/a:libpng:libpng:1.2.25 cpe:/a:libpng:libpng:1.2.24 cpe:/a:libpng:libpng:1.2.23 cpe:/a:libpng:libpng:1.2.22 cpe:/a:libpng:libpng:1.2.22:rc1 cpe:/a:libpng:libpng:1.2.22:beta4 cpe:/a:libpng:libpng:1.2.22:beta3 cpe:/a:libpng:libpng:1.2.22:beta1 cpe:/a:libpng:libpng:1.2.22:beta2 cpe:/a:libpng:libpng:1.2.21:rc2 cpe:/a:libpng:libpng:1.2.21:beta2 cpe:/a:libpng:libpng:1.2.21:rc1 cpe:/a:libpng:libpng:1.2.21:beta1 cpe:/a:libpng:libpng:1.2.21:rc3 cpe:/a:libpng:libpng:1.2.21 cpe:/a:libpng:libpng:1.2.20:rc4 cpe:/a:libpng:libpng:1.2.20:rc3 cpe:/a:libpng:libpng:1.2.20:rc6 cpe:/a:libpng:libpng:1.2.20:rc5 cpe:/a:libpng:libpng:1.2.20:rc2 cpe:/a:libpng:libpng:1.2.20 cpe:/a:libpng:libpng:1.2.20:rc1 cpe:/a:libpng:libpng:1.2.2:beta1 cpe:/a:libpng:libpng:1.2.2:beta4 cpe:/a:libpng:libpng:1.2.2:beta2 cpe:/a:libpng:libpng:1.2.2:beta5 cpe:/a:libpng:libpng:1.2.2:rc1 cpe:/a:libpng:libpng:1.2.2:beta3 cpe:/a:libpng:libpng:1.2.2:beta6 cpe:/a:libpng:libpng:1.2.2 cpe:/a:libpng:libpng:1.2.19:beta2 cpe:/a:libpng:libpng:1.2.19:beta11 cpe:/a:libpng:libpng:1.2.19:beta17 cpe:/a:libpng:libpng:1.2.19:beta21 cpe:/a:libpng:libpng:1.2.19:beta29 cpe:/a:libpng:libpng:1.2.19:beta13 cpe:/a:libpng:libpng:1.2.19:rc2 cpe:/a:libpng:libpng:1.2.19 cpe:/a:libpng:libpng:1.2.19:beta32 cpe:/a:libpng:libpng:1.2.19:beta1 cpe:/a:libpng:libpng:1.2.19:beta14 cpe:/a:libpng:libpng:1.2.19:beta31 cpe:/a:libpng:libpng:1.2.19:beta16 cpe:/a:libpng:libpng:1.2.19:beta27 cpe:/a:libpng:libpng:1.2.19:beta3 cpe:/a:libpng:libpng:1.2.19:beta23 cpe:/a:libpng:libpng:1.2.19:rc6 cpe:/a:libpng:libpng:1.2.19:beta24 cpe:/a:libpng:libpng:1.2.19:beta12 cpe:/a:libpng:libpng:1.2.19:beta7 cpe:/a:libpng:libpng:1.2.19:beta19 cpe:/a:libpng:libpng:1.2.19:beta33 cpe:/a:libpng:libpng:1.2.19:beta22 cpe:/a:libpng:libpng:1.2.19:beta28 cpe:/a:libpng:libpng:1.2.19:beta5 cpe:/a:libpng:libpng:1.2.19:beta9 cpe:/a:libpng:libpng:1.2.19:rc4 cpe:/a:libpng:libpng:1.2.19:beta6 cpe:/a:libpng:libpng:1.2.19:beta25 cpe:/a:libpng:libpng:1.2.19:beta4 cpe:/a:libpng:libpng:1.2.19:rc5 cpe:/a:libpng:libpng:1.2.19:beta10 cpe:/a:libpng:libpng:1.2.19:beta20 cpe:/a:libpng:libpng:1.2.19:beta15 cpe:/a:libpng:libpng:1.2.19:rc1 cpe:/a:libpng:libpng:1.2.19:beta18 cpe:/a:libpng:libpng:1.2.19:beta8 cpe:/a:libpng:libpng:1.2.19:beta26 cpe:/a:libpng:libpng:1.2.19:beta30 cpe:/a:libpng:libpng:1.2.19:rc3 cpe:/a:libpng:libpng:1.2.18 cpe:/a:libpng:libpng:1.2.17 cpe:/a:libpng:libpng:1.2.17:rc2 cpe:/a:libpng:libpng:1.2.17:rc4 cpe:/a:libpng:libpng:1.2.17:beta1 cpe:/a:libpng:libpng:1.2.17:beta2 cpe:/a:libpng:libpng:1.2.17:rc1 cpe:/a:libpng:libpng:1.2.17:rc3 cpe:/a:libpng:libpng:1.2.16 cpe:/a:libpng:libpng:1.2.16:rc1 cpe:/a:libpng:libpng:1.2.16:beta2 cpe:/a:libpng:libpng:1.2.16:beta1 cpe:/a:libpng:libpng:1.2.15:beta2 cpe:/a:libpng:libpng:1.2.15:rc5 cpe:/a:libpng:libpng:1.2.15 cpe:/a:libpng:libpng:1.2.15:beta4 cpe:/a:libpng:libpng:1.2.15:rc2 cpe:/a:libpng:libpng:1.2.15:rc1 cpe:/a:libpng:libpng:1.2.15:rc4 cpe:/a:libpng:libpng:1.2.15:beta6 cpe:/a:libpng:libpng:1.2.15:beta3 cpe:/a:libpng:libpng:1.2.15:beta5 cpe:/a:libpng:libpng:1.2.15:beta1 cpe:/a:libpng:libpng:1.2.15:rc3 cpe:/a:libpng:libpng:1.2.14:beta2 cpe:/a:libpng:libpng:1.2.14:rc1 cpe:/a:libpng:libpng:1.2.14 cpe:/a:libpng:libpng:1.2.14:beta1 cpe:/a:libpng:libpng:1.2.13 cpe:/a:libpng:libpng:1.2.13:rc2 cpe:/a:libpng:libpng:1.2.13:rc1 cpe:/a:libpng:libpng:1.2.13:beta1 cpe:/a:libpng:libpng:1.2.11:beta2 cpe:/a:libpng:libpng:1.2.11:beta3 cpe:/a:libpng:libpng:1.2.11:beta1 cpe:/a:libpng:libpng:1.2.11:beta4 cpe:/a:libpng:libpng:1.2.11:rc3 cpe:/a:libpng:libpng:1.2.11:rc2 cpe:/a:libpng:libpng:1.2.11:rc5 cpe:/a:libpng:libpng:1.2.11:rc1 cpe:/a:libpng:libpng:1.2.11 cpe:/a:libpng:libpng:1.2.10:beta3 cpe:/a:libpng:libpng:1.2.10:rc3 cpe:/a:libpng:libpng:1.2.10:beta1 cpe:/a:libpng:libpng:1.2.10:rc2 cpe:/a:libpng:libpng:1.2.10:beta7 cpe:/a:libpng:libpng:1.2.10:beta6 cpe:/a:libpng:libpng:1.2.10:rc1 cpe:/a:libpng:libpng:1.2.10:beta5 cpe:/a:libpng:libpng:1.2.10:beta4 cpe:/a:libpng:libpng:1.2.10:beta2 cpe:/a:libpng:libpng:1.2.10 cpe:/a:libpng:libpng:1.2.1 cpe:/a:libpng:libpng:1.2.1:rc2 cpe:/a:libpng:libpng:1.2.1:beta4 cpe:/a:libpng:libpng:1.2.1:beta1 cpe:/a:libpng:libpng:1.2.1:beta2 cpe:/a:libpng:libpng:1.2.1:beta3 cpe:/a:libpng:libpng:1.2.1:rc1 cpe:/a:libpng:libpng:1.2.0:beta3 cpe:/a:libpng:libpng:1.2.0:beta5 cpe:/a:libpng:libpng:1.2.0 cpe:/a:libpng:libpng:1.2.0:beta1 cpe:/a:libpng:libpng:1.2.0:beta4 cpe:/a:libpng:libpng:1.2.0:rc1 cpe:/a:libpng:libpng:1.2.0:beta2 cpe:/a:libpng:libpng:1.0.9:beta1 cpe:/a:libpng:libpng:1.0.9:beta3 cpe:/a:libpng:libpng:1.0.9:beta2 cpe:/a:libpng:libpng:1.0.9:beta10 cpe:/a:libpng:libpng:1.0.9:beta6 cpe:/a:libpng:libpng:1.0.9:rc2 cpe:/a:libpng:libpng:1.0.9:beta9 cpe:/a:libpng:libpng:1.0.9:beta5 cpe:/a:libpng:libpng:1.0.9:beta8 cpe:/a:libpng:libpng:1.0.9:rc1 cpe:/a:libpng:libpng:1.0.9:beta4 cpe:/a:libpng:libpng:1.0.9:beta7 cpe:/a:libpng:libpng:1.0.9 cpe:/a:libpng:libpng:1.0.8 cpe:/a:libpng:libpng:1.0.8:beta3 cpe:/a:libpng:libpng:1.0.8:beta2 cpe:/a:libpng:libpng:1.0.8:beta4 cpe:/a:libpng:libpng:1.0.8:rc1 cpe:/a:libpng:libpng:1.0.8:beta1 cpe:/a:libpng:libpng:1.0.7:beta11 cpe:/a:libpng:libpng:1.0.7:beta17 cpe:/a:libpng:libpng:1.0.7 cpe:/a:libpng:libpng:1.0.7:rc1 cpe:/a:libpng:libpng:1.0.7:beta16 cpe:/a:libpng:libpng:1.0.7:beta15 cpe:/a:libpng:libpng:1.0.7:beta13 cpe:/a:libpng:libpng:1.0.7:beta12 cpe:/a:libpng:libpng:1.0.7:rc2 cpe:/a:libpng:libpng:1.0.7:beta18 cpe:/a:libpng:libpng:1.0.7:beta14 cpe:/a:libpng:libpng:1.0.6:j cpe:/a:libpng:libpng:1.0.6:h cpe:/a:libpng:libpng:1.0.6:d cpe:/a:libpng:libpng:1.0.6:e cpe:/a:libpng:libpng:1.0.6:i cpe:/a:libpng:libpng:1.0.6:f cpe:/a:libpng:libpng:1.0.6 cpe:/a:libpng:libpng:1.0.6:a cpe:/a:libpng:libpng:1.0.6:g cpe:/a:libpng:libpng:1.0.5 cpe:/a:libpng:libpng:1.0.42 cpe:/a:libpng:libpng:1.0.41 cpe:/a:libpng:libpng:1.0.40 cpe:/a:libpng:libpng:1.0.39 cpe:/a:libpng:libpng:1.0.38 cpe:/a:libpng:libpng:1.0.37 cpe:/a:libpng:libpng:1.0.35 cpe:/a:libpng:libpng:1.0.34 cpe:/a:libpng:libpng:1.0.33 cpe:/a:libpng:libpng:1.0.32 cpe:/a:libpng:libpng:1.0.31 cpe:/a:libpng:libpng:1.0.30 cpe:/a:libpng:libpng:1.0.3 cpe:/a:libpng:libpng:1.0.29:rc3 cpe:/a:libpng:libpng:1.0.29:rc2 cpe:/a:libpng:libpng:1.0.29 cpe:/a:libpng:libpng:1.0.29:rc1 cpe:/a:libpng:libpng:1.0.29:beta1 cpe:/a:libpng:libpng:1.0.28:rc2 cpe:/a:libpng:libpng:1.0.28:rc5 cpe:/a:libpng:libpng:1.0.28:rc3 cpe:/a:libpng:libpng:1.0.28 cpe:/a:libpng:libpng:1.0.28:rc4 cpe:/a:libpng:libpng:1.0.28:rc6 cpe:/a:libpng:libpng:1.0.27:rc5 cpe:/a:libpng:libpng:1.0.27:rc4 cpe:/a:libpng:libpng:1.0.27:rc1 cpe:/a:libpng:libpng:1.0.27 cpe:/a:libpng:libpng:1.0.27:rc6 cpe:/a:libpng:libpng:1.0.27:rc3 cpe:/a:libpng:libpng:1.0.27:rc2 cpe:/a:libpng:libpng:1.0.26 cpe:/a:libpng:libpng:1.0.25:rc2 cpe:/a:libpng:libpng:1.0.25:rc1 cpe:/a:libpng:libpng:1.0.25 cpe:/a:libpng:libpng:1.0.24:rc1 cpe:/a:libpng:libpng:1.0.24 cpe:/a:libpng:libpng:1.0.23:rc1 cpe:/a:libpng:libpng:1.0.23:rc3 cpe:/a:libpng:libpng:1.0.23:rc2 cpe:/a:libpng:libpng:1.0.23:rc4 cpe:/a:libpng:libpng:1.0.23:rc5 cpe:/a:libpng:libpng:1.0.23 cpe:/a:libpng:libpng:1.0.22 cpe:/a:libpng:libpng:1.0.22:rc1 cpe:/a:libpng:libpng:1.0.21:rc2 cpe:/a:libpng:libpng:1.0.21:rc1 cpe:/a:libpng:libpng:1.0.21 cpe:/a:libpng:libpng:1.0.20 cpe:/a:libpng:libpng:1.0.2 cpe:/a:libpng:libpng:1.0.19:rc5 cpe:/a:libpng:libpng:1.0.19 cpe:/a:libpng:libpng:1.0.19:rc1 cpe:/a:libpng:libpng:1.0.19:rc3 cpe:/a:libpng:libpng:1.0.19:rc2 cpe:/a:libpng:libpng:1.0.18 cpe:/a:libpng:libpng:1.0.17 cpe:/a:libpng:libpng:1.0.17:rc1 cpe:/a:libpng:libpng:1.0.16 cpe:/a:libpng:libpng:1.0.15:rc3 cpe:/a:libpng:libpng:1.0.15 cpe:/a:libpng:libpng:1.0.15:rc1 cpe:/a:libpng:libpng:1.0.15:rc2 cpe:/a:libpng:libpng:1.0.14 cpe:/a:libpng:libpng:1.0.13 cpe:/a:libpng:libpng:1.0.12 cpe:/a:libpng:libpng:1.0.12:rc1 cpe:/a:libpng:libpng:1.0.12:beta1 cpe:/a:libpng:libpng:1.0.11:beta3 cpe:/a:libpng:libpng:1.0.11:beta1 cpe:/a:libpng:libpng:1.0.11 cpe:/a:libpng:libpng:1.0.11:rc1 cpe:/a:libpng:libpng:1.0.11:beta2 cpe:/a:libpng:libpng:1.0.10:rc1 cpe:/a:libpng:libpng:1.0.10:beta1 cpe:/a:libpng:libpng:1.0.10 cpe:/a:libpng:libpng:1.0.1 cpe:/a:libpng:libpng:1.0.0 cpe:/a:libpng:libpng:0.95 cpe:/a:libpng:libpng:0.89c	333
Os	Apple Mac Os X Server cpe:/o:apple:mac_os_x_server:10.4.9 cpe:/o:apple:mac_os_x_server:10.4.8 cpe:/o:apple:mac_os_x_server:10.4.7 cpe:/o:apple:mac_os_x_server:10.4.6 cpe:/o:apple:mac_os_x_server:10.4.5 cpe:/o:apple:mac_os_x_server:10.4.4 cpe:/o:apple:mac_os_x_server:10.4.3 cpe:/o:apple:mac_os_x_server:10.4.2 cpe:/o:apple:mac_os_x_server:10.4.1 cpe:/o:apple:mac_os_x_server:10.4 cpe:/o:apple:mac_os_x_server:10.3.9 cpe:/o:apple:mac_os_x_server:10.3.8 cpe:/o:apple:mac_os_x_server:10.3.7 cpe:/o:apple:mac_os_x_server:10.3.6 cpe:/o:apple:mac_os_x_server:10.3.5 cpe:/o:apple:mac_os_x_server:10.3.4 cpe:/o:apple:mac_os_x_server:10.3.3 cpe:/o:apple:mac_os_x_server:10.3.2 cpe:/o:apple:mac_os_x_server:10.3.1 cpe:/o:apple:mac_os_x_server:10.3 cpe:/o:apple:mac_os_x_server:10.2.8 cpe:/o:apple:mac_os_x_server:10.2.7 cpe:/o:apple:mac_os_x_server:10.2.6 cpe:/o:apple:mac_os_x_server:10.2.5 cpe:/o:apple:mac_os_x_server:10.2.4 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.1.5 cpe:/o:apple:mac_os_x_server:10.1.4 cpe:/o:apple:mac_os_x_server:10.1.3 cpe:/o:apple:mac_os_x_server:10.1.2 cpe:/o:apple:mac_os_x_server:10.1.1 cpe:/o:apple:mac_os_x_server:10.1 cpe:/o:apple:mac_os_x_server:10.0	36

Open Source Vulnerability Database (OSVDB)

id	Description
53317	libpng 16-bit Gamma Table Handling Uninitialised Pointer Free Arbitrary Code ...
53316	libpng pCAL Chunk Handling Uninitialised Pointer Free Arbitrary Code Execution
53315	libpng png_read_png Function Uninitialised Pointer Free Arbitrary Code Execution
42214	Apache HTTP Server mod_proxy_ftp UTF-7 Encoded XSS
40262	Apache HTTP Server mod_status refresh XSS
39134	Apache mod_imagemap Module Imagemap Unspecified XSS
39133	Apache mod_imap Module Imagemap File Unspecified XSS
38939	Apache HTTP Server Prefork MPM Module Array Modification Local DoS
38630	IBM HTTP Server mod_status mod_status.c Unspecified XSS
37079	Apache HTTP Server mod_cache cache_util.c Malformed Cache-Control Header DoS
37052	Apache HTTP Server mod_status mod_status.c Unspecified XSS
37051	Apache HTTP Server mod_proxy modules/proxy/proxy_util.c Crafted Header Remote...

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-05-11 00:56:35	Multiple Updates

Type	Count
Capec ID(s)	7
CWE ID(s)	1
Oval ID(s)	9
CPE ID(s)	434
osvdb(s)	12

Related	Severity
VMSA-2009-0007	(High)
CVE-2009-0040	(Medium)
CVE-2007-3847	(Medium)
CVE-2007-1863	(Medium)
CVE-2007-3304	(Medium)
CVE-2008-0005	(Medium)
CVE-2007-6388	(Medium)
CVE-2007-5000	(Medium)
CVE-2006-5752	(Medium)