This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Netapp First view 2018-05-16
Product Snapmanager Last view 2019-10-09
Version * Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software oracle  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:netapp:snapmanager

Activity : Overall

Related : CVE

  Date Alert Description
5.5 2019-10-09 CVE-2019-5507

SnapManager for Oracle prior to version 3.4.2P1 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information.

9.8 2018-06-26 CVE-2017-7657

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.

6.5 2018-05-16 CVE-2018-11212

An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.

CWE : Common Weakness Enumeration

%idName
33% (1) CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggli...
33% (1) CWE-369 Divide By Zero
33% (1) CWE-190 Integer Overflow or Wraparound

Nessus® Vulnerability Scanner

id Description
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-48b73ed393.nasl - Type: ACT_GATHER_INFO
2018-08-20 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4278.nasl - Type: ACT_GATHER_INFO
2018-07-13 Name: The remote Fedora host is missing a security update.
File: fedora_2018-93a507fd0f.nasl - Type: ACT_GATHER_INFO