6.8 - GLSA-201405-07

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	X.Org X Server: Multiple vulnerabilities

Informations
Name	GLSA-201405-07	First vendor Publication	2014-05-15
Vendor	Gentoo	Last vendor Modification	2014-05-15
Severity (Vendor)	High	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score	6.8	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities have been found in X.Org X Server, allowing attackers to execute arbitrary code or cause a Denial of Service condition.

Background

The X Window System is a graphical windowing system based on a client/server model.

Description

Multiple vulnerabilities have been discovered in X.Org X Server. Please review the CVE identifiers referenced below for details.

Impact

A context-dependent attacker could execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or obtain sensitive information.

Workaround

There is no known workaround at this time.

Resolution

All X.Org X Server users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-base/xorg-server-1.14.3-r2"

References

[ 1 ] CVE-2013-1056 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1056
[ 2 ] CVE-2013-1940 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1940
[ 3 ] CVE-2013-1981 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1981
[ 4 ] CVE-2013-1982 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1982
[ 5 ] CVE-2013-1983 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1983
[ 6 ] CVE-2013-1984 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1984
[ 7 ] CVE-2013-1985 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1985
[ 8 ] CVE-2013-1986 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1986
[ 9 ] CVE-2013-1987 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1987
[ 10 ] CVE-2013-1988 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1988
[ 11 ] CVE-2013-1989 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1989
[ 12 ] CVE-2013-1990 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1990
[ 13 ] CVE-2013-1991 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1991
[ 14 ] CVE-2013-1992 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1992
[ 15 ] CVE-2013-1993 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1993
[ 16 ] CVE-2013-1994 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1994
[ 17 ] CVE-2013-1995 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1995
[ 18 ] CVE-2013-1996 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1996
[ 19 ] CVE-2013-1997 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1997
[ 20 ] CVE-2013-1998 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1998
[ 21 ] CVE-2013-1999 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1999
[ 22 ] CVE-2013-2000 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2000
[ 23 ] CVE-2013-2001 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2001
[ 24 ] CVE-2013-2002 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2002
[ 25 ] CVE-2013-2003 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2003
[ 26 ] CVE-2013-2004 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2004
[ 27 ] CVE-2013-2005 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2005
[ 28 ] CVE-2013-2062 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2062
[ 29 ] CVE-2013-2063 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2063
[ 30 ] CVE-2013-2064 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2064
[ 31 ] CVE-2013-2066 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2066
[ 32 ] CVE-2013-4396 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4396

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201405-07.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201405-07.xml

CWE : Common Weakness Enumeration

%	Id	Name
58 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
32 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
3 %	CWE-399	Resource Management Errors
3 %	CWE-264	Permissions, Privileges, and Access Controls
3 %	CWE-20	Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16397

Oval ID:	oval:org.mitre.oval:def:16397
Title:	USN-1867-1 -- libxv vulnerabilities
Description:	Several security issues were fixed in libxv.
Family:	unix	Class:	patch
Reference(s):	usn-1867-1 CVE-2013-1989 CVE-2013-2066	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	libxv
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxv1 DPKG is earlier than 2:1.0.7-1ubuntu0.12.10.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxv1 DPKG is earlier than 2:1.0.7-1ubuntu0.13.04.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxv1 DPKG is earlier than 2:1.0.6-2ubuntu0.1

Definition Id: oval:org.mitre.oval:def:16421

Oval ID:	oval:org.mitre.oval:def:16421
Title:	USN-1869-1 -- libxxf86dga vulnerabilities
Description:	Several security issues were fixed in libxxf86dga.
Family:	unix	Class:	patch
Reference(s):	usn-1869-1 CVE-2013-1991 CVE-2013-2000	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	libxxf86dga
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxxf86dga1 DPKG is earlier than 2:1.1.3-2ubuntu0.12.10.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxxf86dga1 DPKG is earlier than 2:1.1.3-2ubuntu0.13.04.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxxf86dga1 DPKG is earlier than 2:1.1.2-1ubuntu0.1

Definition Id: oval:org.mitre.oval:def:16607

Oval ID:	oval:org.mitre.oval:def:16607
Title:	USN-1863-1 -- libxrender vulnerability
Description:	Several security issues were fixed in libxrender.
Family:	unix	Class:	patch
Reference(s):	usn-1863-1 CVE-2013-1987	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	libxrender
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxrender1 DPKG is earlier than 1:0.9.7-1ubuntu0.12.10.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxrender1 DPKG is earlier than 1:0.9.7-1ubuntu0.13.04.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxrender1 DPKG is earlier than 1:0.9.6-2ubuntu0.1 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND libxrender1 DPKG is earlier than 1:0.9.5-1ubuntu0.1

Definition Id: oval:org.mitre.oval:def:16773

Oval ID:	oval:org.mitre.oval:def:16773
Title:	USN-1858-1 -- libxfixes vulnerability
Description:	Several security issues were fixed in libxfixes.
Family:	unix	Class:	patch
Reference(s):	usn-1858-1 CVE-2013-1983	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	libxfixes
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxfixes3 DPKG is earlier than 1:5.0-4ubuntu5.12.10.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxfixes3 DPKG is earlier than 1:5.0-4ubuntu5.13.04.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxfixes3 DPKG is earlier than 1:5.0-4ubuntu4.1

Definition Id: oval:org.mitre.oval:def:16785

Oval ID:	oval:org.mitre.oval:def:16785
Title:	USN-1862-1 -- libxrandr vulnerability
Description:	Several security issues were fixed in libxrandr.
Family:	unix	Class:	patch
Reference(s):	usn-1862-1 CVE-2013-1986	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	libxrandr libxrandr-lts-quantal
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxrandr2 DPKG is earlier than 2:1.4.0-1ubuntu0.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxrandr2 DPKG is earlier than 2:1.4.0-1ubuntu1.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND Packages section libxrandr2 DPKG is earlier than 2:1.3.2-2ubuntu0.2 AND libxrandr-ltsq2 DPKG is earlier than 2:1.4.0-1~precise2

Definition Id: oval:org.mitre.oval:def:16878

Oval ID:	oval:org.mitre.oval:def:16878
Title:	USN-1853-1 -- libfs vulnerability
Description:	Several security issues were fixed in libfs.
Family:	unix	Class:	patch
Reference(s):	usn-1853-1 CVE-2013-1996	Version:	6
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	libfs
Definition Synopsis:
Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libfs6 DPKG is earlier than 2:1.0.4-1ubuntu0.13.04.1 OR Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libfs6 DPKG is earlier than 2:1.0.4-1ubuntu0.12.10.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libfs6 DPKG is earlier than 2:1.0.3-1ubuntu0.1

Definition Id: oval:org.mitre.oval:def:16898

Oval ID:	oval:org.mitre.oval:def:16898
Title:	USN-1888-1 -- Mesa vulnerabilities
Description:	Mesa could be made to crash or run programs as your login if it received specially crafted input.
Family:	unix	Class:	patch
Reference(s):	USN-1888-1 CVE-2013-1872 CVE-2013-1993	Version:	7
Platform(s):	Ubuntu 13.04 Ubuntu 12.04 Ubuntu 12.10	Product(s):
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND Packages section libgl1-mesa-dri DPKG is earlier than 9.0.3-0ubuntu0.2 AND libgl1-mesa-glx DPKG is earlier than 9.0.3-0ubuntu0.2 AND libosmesa6 DPKG is earlier than 9.0.3-0ubuntu0.2 AND libglapi-mesa DPKG is earlier than 9.0.3-0ubuntu0.2 AND libopenvg1-mesa DPKG is earlier than 9.0.3-0ubuntu0.2 AND libgles2-mesa DPKG is earlier than 9.0.3-0ubuntu0.2 AND libegl1-mesa DPKG is earlier than 9.0.3-0ubuntu0.2 AND libxatracker1 DPKG is earlier than 9.0.3-0ubuntu0.2 AND libgles1-mesa DPKG is earlier than 9.0.3-0ubuntu0.2 AND libgbm1 DPKG is earlier than 9.0.3-0ubuntu0.2 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND Packages section libxatracker1-lts-quantal DPKG is earlier than 9.0.3-0ubuntu0.1~precise3 AND libgl1-mesa-dri DPKG is earlier than 8.0.4-0ubuntu0.6 AND libglu1-mesa DPKG is earlier than 8.0.4-0ubuntu0.6 AND libopenvg1-mesa-lts-quantal DPKG is earlier than 9.0.3-0ubuntu0.1~precise3 AND libgl1-mesa-glx DPKG is earlier than 8.0.4-0ubuntu0.6 AND libgles2-mesa-lts-quantal DPKG is earlier than 9.0.3-0ubuntu0.1~precise3 AND libosmesa6 DPKG is earlier than 8.0.4-0ubuntu0.6 AND libgl1-mesa-swx11 DPKG is earlier than 8.0.4-0ubuntu0.6 AND libglapi-mesa DPKG is earlier than 8.0.4-0ubuntu0.6 AND libopenvg1-mesa DPKG is earlier than 8.0.4-0ubuntu0.6 AND libgl1-mesa-dri-lts-quantal DPKG is earlier than 9.0.3-0ubuntu0.1~precise3 AND libglapi-mesa-lts-quantal DPKG is earlier than 9.0.3-0ubuntu0.1~precise3 AND libgles1-mesa-lts-quantal DPKG is earlier than 9.0.3-0ubuntu0.1~precise3 AND libgl1-mesa-glx-lts-quantal DPKG is earlier than 9.0.3-0ubuntu0.1~precise3 AND libgbm1-lts-quantal DPKG is earlier than 9.0.3-0ubuntu0.1~precise3 AND libegl1-mesa DPKG is earlier than 8.0.4-0ubuntu0.6 AND libgles2-mesa DPKG is earlier than 8.0.4-0ubuntu0.6 AND libegl1-mesa-lts-quantal DPKG is earlier than 9.0.3-0ubuntu0.1~precise3 AND libxatracker1 DPKG is earlier than 8.0.4-0ubuntu0.6 AND libgles1-mesa DPKG is earlier than 8.0.4-0ubuntu0.6 AND libgbm1 DPKG is earlier than 8.0.4-0ubuntu0.6 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND Packages section libgl1-mesa-dri DPKG is earlier than 9.1.3-0ubuntu0.3 AND libgl1-mesa-glx DPKG is earlier than 9.1.3-0ubuntu0.3 AND libosmesa6 DPKG is earlier than 9.1.3-0ubuntu0.3 AND libglapi-mesa DPKG is earlier than 9.1.3-0ubuntu0.3 AND libopenvg1-mesa DPKG is earlier than 9.1.3-0ubuntu0.3 AND libgles2-mesa DPKG is earlier than 9.1.3-0ubuntu0.3 AND libegl1-mesa DPKG is earlier than 9.1.3-0ubuntu0.3 AND libxatracker1 DPKG is earlier than 9.1.3-0ubuntu0.3 AND libgles1-mesa DPKG is earlier than 9.1.3-0ubuntu0.3 AND libgbm1 DPKG is earlier than 9.1.3-0ubuntu0.3

Definition Id: oval:org.mitre.oval:def:16944

Oval ID:	oval:org.mitre.oval:def:16944
Title:	USN-1864-1 -- libxres vulnerabilities
Description:	Several security issues were fixed in libxres.
Family:	unix	Class:	patch
Reference(s):	usn-1864-1 CVE-2013-1988	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	libxres
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxres1 DPKG is earlier than 2:1.0.6-1ubuntu0.12.10.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxres1 DPKG is earlier than 2:1.0.6-1ubuntu0.13.04.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxres1 DPKG is earlier than 2:1.0.5-1ubuntu0.1

Definition Id: oval:org.mitre.oval:def:17044

Oval ID:	oval:org.mitre.oval:def:17044
Title:	USN-1852-1 -- libdmx vulnerability
Description:	Several security issues were fixed in libdmx.
Family:	unix	Class:	patch
Reference(s):	usn-1852-1 CVE-2013-1992	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	libdmx
Definition Synopsis:
Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libdmx1 DPKG is earlier than 1:1.1.2-1ubuntu0.13.04.1 OR Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libdmx1 DPKG is earlier than 1:1.1.2-1ubuntu0.12.10.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libdmx1 DPKG is earlier than 1:1.1.1-1ubuntu0.1

Definition Id: oval:org.mitre.oval:def:17140

Oval ID:	oval:org.mitre.oval:def:17140
Title:	USN-1870-1 -- libxxf86vm vulnerability
Description:	Several security issues were fixed in libxxf86vm.
Family:	unix	Class:	patch
Reference(s):	usn-1870-1 CVE-2013-2001	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	libxxf86vm
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxxf86vm1 DPKG is earlier than 1:1.1.2-1ubuntu0.12.10.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxxf86vm1 DPKG is earlier than 1:1.1.2-1ubuntu0.13.04.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxxf86vm1 DPKG is earlier than 1:1.1.1-2ubuntu0.1 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND libxxf86vm1 DPKG is earlier than 1:1.1.0-2ubuntu0.1

Definition Id: oval:org.mitre.oval:def:17160

Oval ID:	oval:org.mitre.oval:def:17160
Title:	USN-1861-1 -- libxp vulnerability
Description:	Several security issues were fixed in libxp.
Family:	unix	Class:	patch
Reference(s):	usn-1861-1 CVE-2013-2062	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	libxp
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxp6 DPKG is earlier than 1:1.0.1-2ubuntu0.12.10.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxp6 DPKG is earlier than 1:1.0.1-2ubuntu0.13.04.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxp6 DPKG is earlier than 1:1.0.1-2ubuntu0.12.04.1

Definition Id: oval:org.mitre.oval:def:17182

Oval ID:	oval:org.mitre.oval:def:17182
Title:	USN-1866-1 -- libxtst vulnerabilities
Description:	Several security issues were fixed in libxtst.
Family:	unix	Class:	patch
Reference(s):	usn-1866-1 CVE-2013-2063	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	libxtst
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxtst6 DPKG is earlier than 2:1.2.1-1ubuntu0.12.10.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxtst6 DPKG is earlier than 2:1.2.1-1ubuntu0.13.04.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxtst6 DPKG is earlier than 2:1.2.0-4ubuntu0.1 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND libxtst6 DPKG is earlier than 2:1.1.0-2ubuntu0.1

Definition Id: oval:org.mitre.oval:def:17209

Oval ID:	oval:org.mitre.oval:def:17209
Title:	USN-1868-1 -- libxvmc vulnerabilities
Description:	Several security issues were fixed in libxvmc.
Family:	unix	Class:	patch
Reference(s):	usn-1868-1 CVE-2013-1990 CVE-2013-1999	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	libxvmc
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxvmc1 DPKG is earlier than 2:1.0.7-1ubuntu1.12.10.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxvmc1 DPKG is earlier than 2:1.0.7-1ubuntu1.13.04.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxvmc1 DPKG is earlier than 2:1.0.6-1ubuntu2.1

Definition Id: oval:org.mitre.oval:def:17213

Oval ID:	oval:org.mitre.oval:def:17213
Title:	USN-1859-1 -- libxi vulnerabilities
Description:	Several security issues were fixed in libxi.
Family:	unix	Class:	patch
Reference(s):	usn-1859-1 CVE-2013-1984 CVE-2013-1995 CVE-2013-1998	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	libxi
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxi6 DPKG is earlier than 2:1.6.1-1ubuntu0.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxi6 DPKG is earlier than 2:1.6.99.1-0ubuntu3.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxi6 DPKG is earlier than 2:1.6.0-0ubuntu2.1 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND libxi6 DPKG is earlier than 2:1.3-3ubuntu0.2

Definition Id: oval:org.mitre.oval:def:17274

Oval ID:	oval:org.mitre.oval:def:17274
Title:	USN-1855-1 -- libxcb vulnerability
Description:	Several security issues were fixed in libxcb.
Family:	unix	Class:	patch
Reference(s):	usn-1855-1 CVE-2013-2064	Version:	7
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	libxcb
Definition Synopsis:
Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxcb1 DPKG is earlier than 1.8.1-2ubuntu2.1 OR Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxcb1 DPKG is earlier than 1.8.1-1ubuntu1.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxcb1 DPKG is earlier than 1.8.1-1ubuntu0.2 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND libxcb1 DPKG is earlier than 1.5-2ubuntu0.1

Definition Id: oval:org.mitre.oval:def:17279

Oval ID:	oval:org.mitre.oval:def:17279
Title:	USN-1856-1 -- libxext vulnerability
Description:	Several security issues were fixed in libxext.
Family:	unix	Class:	patch
Reference(s):	usn-1856-1 CVE-2013-2003	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	libxcursor
Definition Synopsis:
Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxcursor1 DPKG is earlier than 1:1.1.13-1ubuntu0.13.04.1 OR Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxcursor1 DPKG is earlier than 1:1.1.13-1ubuntu0.12.10.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxcursor1 DPKG is earlier than 1:1.1.12-1ubuntu0.1

Definition Id: oval:org.mitre.oval:def:17286

Oval ID:	oval:org.mitre.oval:def:17286
Title:	USN-1854-1 -- libx11 vulnerability
Description:	Several security issues were fixed in libx11.
Family:	unix	Class:	patch
Reference(s):	usn-1854-1 CVE-2013-1981 CVE-2013-1997 CVE-2013-2004	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	libx11
Definition Synopsis:
Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libx11-6 DPKG is earlier than 2:1.5.0-1ubuntu1.1 OR Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libx11-6 DPKG is earlier than 2:1.5.0-1ubuntu0.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libx11-6 DPKG is earlier than 2:1.4.99.1-0ubuntu2.1 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND libx11-6 DPKG is earlier than 2:1.3.2-1ubuntu3.1

Definition Id: oval:org.mitre.oval:def:17310

Oval ID:	oval:org.mitre.oval:def:17310
Title:	USN-1871-1 -- xserver-xorg-video-openchrome vulnerability
Description:	Several security issues were fixed in xserver-xorg-video-openchrome.
Family:	unix	Class:	patch
Reference(s):	usn-1871-1 CVE-2013-1994	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	xserver-xorg-video-openchrome xserver-xorg-video-openchrome-lts-quantal
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND xserver-xorg-video-openchrome DPKG is earlier than 1:0.3.1-0ubuntu1.12.10.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND xserver-xorg-video-openchrome DPKG is earlier than 1:0.3.1-0ubuntu1.13.04.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND Packages section xserver-xorg-video-openchrome-lts-quantal DPKG is earlier than 1:0.3.1-0ubuntu1~precise3 AND xserver-xorg-video-openchrome DPKG is earlier than 1:0.2.904+svn1050-1ubuntu0.1

Definition Id: oval:org.mitre.oval:def:17349

Oval ID:	oval:org.mitre.oval:def:17349
Title:	USN-1860-1 -- libxinerama vulnerability
Description:	Several security issues were fixed in libxp.
Family:	unix	Class:	patch
Reference(s):	usn-1860-1 CVE-2013-1985	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	libxinerama
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxinerama1 DPKG is earlier than 2:1.1.2-1ubuntu0.12.10.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxinerama1 DPKG is earlier than 2:1.1.2-1ubuntu0.13.04.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxinerama1 DPKG is earlier than 2:1.1.1-3ubuntu0.1

Definition Id: oval:org.mitre.oval:def:17398

Oval ID:	oval:org.mitre.oval:def:17398
Title:	USN-1857-1 -- libxext vulnerability
Description:	Several security issues were fixed in libxext.
Family:	unix	Class:	patch
Reference(s):	usn-1857-1 CVE-2013-1982	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	libxext
Definition Synopsis:
Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxext6 DPKG is earlier than 2:1.3.1-2ubuntu0.13.04.1 OR Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxext6 DPKG is earlier than 2:1.3.1-2ubuntu0.12.10.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxext6 DPKG is earlier than 2:1.3.0-3ubuntu0.1 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND libxext6 DPKG is earlier than 2:1.1.1-2ubuntu0.1

Definition Id: oval:org.mitre.oval:def:17813

Oval ID:	oval:org.mitre.oval:def:17813
Title:	DSA-2661-1 xorg-server - information disclosure
Description:	David Airlie and Peter Hutterer of Red Hat discovered that xorg-server, the X.Org X server was vulnerable to an information disclosure flaw related to input handling and devices hotplug.
Family:	unix	Class:	patch
Reference(s):	DSA-2661-1 CVE-2013-1940	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	xorg-server
Definition Synopsis:
Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND xorg-server DPKG is earlier than 2:1.7.7-16

Definition Id: oval:org.mitre.oval:def:18004

Oval ID:	oval:org.mitre.oval:def:18004
Title:	DSA-2679-1 xserver-xorg-video-openchrome - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2679-1 CVE-2013-1994	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	xserver-xorg-video-openchrome
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND xserver-xorg-video-openchrome DPKG is earlier than 1:0.2.904+svn842-2+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND xserver-xorg-video-openchrome DPKG is earlier than 1:0.2.906-2+deb7u1

Definition Id: oval:org.mitre.oval:def:18077

Oval ID:	oval:org.mitre.oval:def:18077
Title:	DSA-2691-1 libxinerama - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2691-1 CVE-2013-1985	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxinerama
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxinerama DPKG is earlier than 2:1.1-3+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxinerama DPKG is earlier than 2:1.1.2-1+deb7u1

Definition Id: oval:org.mitre.oval:def:18285

Oval ID:	oval:org.mitre.oval:def:18285
Title:	USN-1803-1 -- xorg-server, xorg-server-lts-quantal vulnerability
Description:	The X server could be made to reveal keystrokes of other users.
Family:	unix	Class:	patch
Reference(s):	USN-1803-1 CVE-2013-1940	Version:	5
Platform(s):	Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04	Product(s):	xorg-server xorg-server-lts-quantal
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND xserver-xorg-core DPKG is earlier than 2:1.13.0-0ubuntu6.2 AND Release section Ubuntu 12.04 is installed Packages match section xserver-xorg-core DPKG is earlier than 2:1.11.4-0ubuntu10.13 AND xserver-xorg-core-lts-quantal DPKG is earlier than 2:1.13.0-0ubuntu6.1~precise3 AND Release section Ubuntu 11.10 is installed AND xserver-xorg-core DPKG is earlier than 2:1.10.4-1ubuntu4.5 AND Release section Ubuntu 10.04 is installed AND xserver-xorg-core DPKG is earlier than 2:1.7.6-2ubuntu7.12

Definition Id: oval:org.mitre.oval:def:18334

Oval ID:	oval:org.mitre.oval:def:18334
Title:	DSA-2677-1 libxrender - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2677-1 CVE-2013-1987	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxrender
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxrender DPKG is earlier than 1:0.9.6-1+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxrender DPKG is earlier than 1:0.9.7-1+deb7u1

Definition Id: oval:org.mitre.oval:def:18344

Oval ID:	oval:org.mitre.oval:def:18344
Title:	DSA-2681-1 libxcursor - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2681-1 CVE-2013-2003	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxcursor
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxcursor DPKG is earlier than 1:1.1.10-2+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxcursor DPKG is earlier than 1:1.1.13-1+deb7u1

Definition Id: oval:org.mitre.oval:def:18372

Oval ID:	oval:org.mitre.oval:def:18372
Title:	DSA-2685-1 libxp - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2685-1 CVE-2013-2062	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxp
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxp DPKG is earlier than 1:1.0.0.xsf1-2+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxp DPKG is earlier than 1:1.0.1-2+deb7u1

Definition Id: oval:org.mitre.oval:def:18377

Oval ID:	oval:org.mitre.oval:def:18377
Title:	DSA-2693-1 libx11 - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2693-1 CVE-2013-1981 CVE-2013-1997 CVE-2013-2004	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libx11
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libx11 DPKG is earlier than 2:1.3.3-4+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libx11 DPKG is earlier than 2:1.5.0-1+deb7u1

Definition Id: oval:org.mitre.oval:def:18459

Oval ID:	oval:org.mitre.oval:def:18459
Title:	DSA-2675-1 libxvmc - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2675-1 CVE-2013-1990 CVE-2013-1999	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxvmc
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxvmc DPKG is earlier than 2:1.0.5-1+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxvmc DPKG is earlier than 2:1.0.7-1+deb7u1

Definition Id: oval:org.mitre.oval:def:18462

Oval ID:	oval:org.mitre.oval:def:18462
Title:	DSA-2689-1 libxtst - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2689-1 CVE-2013-2063	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxtst
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxtst DPKG is earlier than 2:1.1.0-3+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxtst DPKG is earlier than 2:1.2.1-1+deb7u1

Definition Id: oval:org.mitre.oval:def:18523

Oval ID:	oval:org.mitre.oval:def:18523
Title:	DSA-2683-1 libxi - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2683-1 CVE-2013-1984 CVE-2013-1995 CVE-2013-1998	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxi
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxi DPKG is earlier than 2:1.3-8 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxi DPKG is earlier than 2:1.6.1-1+deb7u1

Definition Id: oval:org.mitre.oval:def:18576

Oval ID:	oval:org.mitre.oval:def:18576
Title:	DSA-2687-1 libfs - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2687-1 CVE-2013-1996	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libfs
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libfs DPKG is earlier than 2:1.0.2-1+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libfs DPKG is earlier than 2:1.0.4-1+deb7u1

Definition Id: oval:org.mitre.oval:def:18583

Oval ID:	oval:org.mitre.oval:def:18583
Title:	DSA-2673-1 libdmx - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2673-1 CVE-2013-1992	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libdmx
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libdmx DPKG is earlier than 1:1.1.0-2+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libdmx DPKG is earlier than 1:1.1.2-1+deb7u1

Definition Id: oval:org.mitre.oval:def:18944

Oval ID:	oval:org.mitre.oval:def:18944
Title:	USN-1990-1 -- xorg-server, xorg-server-lts-quantal, xorg-server-lts-raring vulnerabilities
Description:	The X.Org X server could be made to crash or run programs as an administrator if it received specially crafted input.
Family:	unix	Class:	patch
Reference(s):	USN-1990-1 CVE-2013-4396 CVE-2013-1056	Version:	6
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	xorg-server xorg-server-lts-quantal xorg-server-lts-raring
Definition Synopsis:
Release section Ubuntu 13.04 is installed AND xserver-xorg-core DPKG is earlier than 2:1.13.3-0ubuntu6.2 AND Release section Ubuntu 12.10 is installed AND xserver-xorg-core DPKG is earlier than 2:1.13.0-0ubuntu6.4 AND Release section Ubuntu 12.04 is installed Packages match section xserver-xorg-core DPKG is earlier than 2:1.11.4-0ubuntu10.14 AND xserver-xorg-core-lts-quantal DPKG is earlier than 2:1.13.0-0ubuntu6.1~precise4 AND xserver-xorg-core-lts-raring DPKG is earlier than 2:1.13.3-0ubuntu6~precise3

Definition Id: oval:org.mitre.oval:def:19497

Oval ID:	oval:org.mitre.oval:def:19497
Title:	DSA-2784-1 xorg-server - use-after-free
Description:	Pedro Ribeiro discovered a use-after-free in the handling of ImageText requests in the Xorg X server, which could result in denial of service or privilege escalation.
Family:	unix	Class:	patch
Reference(s):	DSA-2784-1 CVE-2013-4396	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	xorg-server
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND xorg-server DPKG is earlier than 2:1.7.7-17 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND xorg-server DPKG is earlier than 2:1.12.4-6+deb7u1

Definition Id: oval:org.mitre.oval:def:19537

Oval ID:	oval:org.mitre.oval:def:19537
Title:	DSA-2692-1 libxxf86vm - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2692-1 CVE-2013-2001	Version:	5
Platform(s):	Debian GNU/Linux 7 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 7 Debian GNU/kFreeBSD 6.0	Product(s):	libxxf86vm
Definition Synopsis:
Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxxf86vm DPKG is earlier than 1:1.1.2-1+deb7u1 AND Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxxf86vm DPKG is earlier than 1:1.1.0-2+squeeze1

Definition Id: oval:org.mitre.oval:def:19734

Oval ID:	oval:org.mitre.oval:def:19734
Title:	DSA-2686-1 libxcb - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2686-1 CVE-2013-2064	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxcb
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxcb DPKG is earlier than 0:1.6-1+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxcb DPKG is earlier than 0:1.8.1-2+deb7u1

Definition Id: oval:org.mitre.oval:def:19908

Oval ID:	oval:org.mitre.oval:def:19908
Title:	DSA-2676-1 libxfixes - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2676-1 CVE-2013-1983	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxfixes
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxfixes DPKG is earlier than 1:4.0.5-1+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxfixes DPKG is earlier than 1:5.0-4+deb7u1

Definition Id: oval:org.mitre.oval:def:19924

Oval ID:	oval:org.mitre.oval:def:19924
Title:	DSA-2690-1 libxxf86dga - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2690-1 CVE-2013-1991 CVE-2013-2000	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxxf86dga
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxxf86dga DPKG is earlier than 2:1.1.1-2+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxxf86dga DPKG is earlier than 2:1.1.3-2+deb7u1

Definition Id: oval:org.mitre.oval:def:19955

Oval ID:	oval:org.mitre.oval:def:19955
Title:	DSA-2684-1 libxrandr - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2684-1 CVE-2013-1986	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxrandr
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxrandr DPKG is earlier than 2:1.3.0-3+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxrandr DPKG is earlier than 2:1.3.2-2+deb7u1

Definition Id: oval:org.mitre.oval:def:19959

Oval ID:	oval:org.mitre.oval:def:19959
Title:	DSA-2680-1 libxt - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2680-1 CVE-2013-2002 CVE-2013-2005	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxt
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxt DPKG is earlier than 1:1.0.7-1+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxt DPKG is earlier than 1:1.1.3-1+deb7u1

Definition Id: oval:org.mitre.oval:def:19978

Oval ID:	oval:org.mitre.oval:def:19978
Title:	DSA-2678-1 mesa - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2678-1 CVE-2013-1993	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	mesa
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND mesa DPKG is earlier than 0:7.7.1-6 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND mesa DPKG is earlier than 0:8.0.5-4+deb7u1

Definition Id: oval:org.mitre.oval:def:20031

Oval ID:	oval:org.mitre.oval:def:20031
Title:	DSA-2682-1 libxext - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2682-1 CVE-2013-1982	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxext
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxext DPKG is earlier than 2:1.1.2-1+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxext DPKG is earlier than 2:1.3.1-2+deb7u1

Definition Id: oval:org.mitre.oval:def:20047

Oval ID:	oval:org.mitre.oval:def:20047
Title:	DSA-2674-1 libxv - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2674-1 CVE-2013-1989 CVE-2013-2066	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxv
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxv DPKG is earlier than 2:1.0.5-1+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxv DPKG is earlier than 2:1.0.7-1+deb7u1

Definition Id: oval:org.mitre.oval:def:20087

Oval ID:	oval:org.mitre.oval:def:20087
Title:	DSA-2688-1 libxres - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2688-1 CVE-2013-1988	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxres
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxres DPKG is earlier than 2:1.0.4-1+squeeze AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxres DPKG is earlier than 2:1.0.6-1+deb7u1

Definition Id: oval:org.mitre.oval:def:20750

Oval ID:	oval:org.mitre.oval:def:20750
Title:	RHSA-2013:0898: mesa security update (Moderate)
Description:	Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0898-00 CESA-2013:0898 CVE-2013-1993	Version:	4
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	mesa
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section mesa-libGLw is earlier than 0:6.5.1-7.11.el5_9 AND glx-utils is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGLU is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGL-devel is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGLU-devel is earlier than 0:6.5.1-7.11.el5_9 AND mesa-source is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGLw-devel is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libOSMesa is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGL is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libOSMesa-devel is earlier than 0:6.5.1-7.11.el5_9 AND mesa is earlier than 0:6.5.1-7.11.el5_9

Definition Id: oval:org.mitre.oval:def:21134

Oval ID:	oval:org.mitre.oval:def:21134
Title:	RHSA-2013:1426: xorg-x11-server security update (Important)
Description:	Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1426-00 CESA-2013:1426 CVE-2013-4396	Version:	4
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6	Product(s):	xorg-x11-server
Definition Synopsis:
Redhat 6 section The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages section xorg-x11-server-Xorg is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-source is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-devel is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-common is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xvfb is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xdmx is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xephyr is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xnest is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server is earlier than 0:1.13.0-11.1.el6_4.2 OR Centos 6 section CentOS Linux 6.x AND Packages section xorg-x11-server-Xorg is earlier than 0:1.13.0-11.1.el6.centos.2 AND xorg-x11-server-source is earlier than 0:1.13.0-11.1.el6.centos.2 AND xorg-x11-server-devel is earlier than 0:1.13.0-11.1.el6.centos.2 AND xorg-x11-server-common is earlier than 0:1.13.0-11.1.el6.centos.2 AND xorg-x11-server-Xvfb is earlier than 0:1.13.0-11.1.el6.centos.2 AND xorg-x11-server-Xdmx is earlier than 0:1.13.0-11.1.el6.centos.2 AND xorg-x11-server-Xephyr is earlier than 0:1.13.0-11.1.el6.centos.2 AND xorg-x11-server-Xnest is earlier than 0:1.13.0-11.1.el6.centos.2 AND xorg-x11-server is earlier than 0:1.13.0-11.1.el6.centos.2 AND Operation system section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section xorg-x11-server-Xorg is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xvnc-source is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-sdk is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xvfb is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xdmx is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xnest is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xephyr is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server is earlier than 0:1.1.1-48.101.el5_10.1

Definition Id: oval:org.mitre.oval:def:21213

Oval ID:	oval:org.mitre.oval:def:21213
Title:	RHSA-2013:0897: mesa security update (Important)
Description:	Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0897-01 CESA-2013:0897 CVE-2013-1872 CVE-2013-1993	Version:	31
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	mesa
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section mesa-libGL-devel is earlier than 0:9.0-0.8.el6_4.3 AND glx-utils is earlier than 0:9.0-0.8.el6_4.3 AND mesa-dri-drivers is earlier than 0:9.0-0.8.el6_4.3 AND mesa is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libGLU is earlier than 0:9.0-0.8.el6_4.3 AND mesa-dri-filesystem is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libGL is earlier than 0:9.0-0.8.el6_4.3 AND mesa-demos is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libGLU-devel is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libOSMesa-devel is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libOSMesa is earlier than 0:9.0-0.8.el6_4.3

Definition Id: oval:org.mitre.oval:def:21244

Oval ID:	oval:org.mitre.oval:def:21244
Title:	USN-1865-1 -- libxt vulnerabilities
Description:	Several security issues were fixed in libxt.
Family:	unix	Class:	patch
Reference(s):	USN-1865-1 CVE-2013-2002 CVE-2013-2005	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	libxt
Definition Synopsis:
Ubuntu 13.04 release section Ubuntu 13.04 is installed AND libxt6 DPKG is earlier than 1:1.1.3-1ubuntu0.13.04.1 AND Ubuntu 12.10 release section Ubuntu 12.10 is installed AND libxt6 DPKG is earlier than 1:1.1.3-1ubuntu0.12.10.1 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed AND libxt6 DPKG is earlier than 1:1.1.1-2ubuntu0.1 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed AND libxt6 DPKG is earlier than 1:1.0.7-1ubuntu0.1

Definition Id: oval:org.mitre.oval:def:21666

Oval ID:	oval:org.mitre.oval:def:21666
Title:	Vulnerability in the X server on AIX
Description:	Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-4396	Version:	3
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets File Version Exists X11.base.rte greater than or equal 5.3.12.0 AND X11.base.rte less than or equal 5.3.12.01 OR File Version Exists X11.base.rte greater than or equal 6.1.7.0 AND X11.base.rte less than or equal 6.1.7.16 OR File Version Exists X11.base.rte greater than or equal 6.1.8.0 AND X11.base.rte less than or equal 6.1.8.0 OR File Version Exists X11.base.rte greater than or equal 6.1.9.0 AND X11.base.rte less than or equal 6.1.9.2 OR File Version Exists X11.base.rte greater than or equal 7.1.1.0 AND X11.base.rte less than or equal 7.1.1.15 OR File Version Exists X11.base.rte greater than or equal 7.1.2.0 AND X11.base.rte less than or equal 7.1.2.0 OR File Version Exists X11.base.rte greater than or equal 7.1.3.0 AND X11.base.rte less than or equal 7.1.3.2

Definition Id: oval:org.mitre.oval:def:23039

Oval ID:	oval:org.mitre.oval:def:23039
Title:	DEPRECATED: ELSA-2013:1426: xorg-x11-server security update (Important)
Description:	Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1426-01 CVE-2013-4396	Version:	7
Platform(s):	Oracle Linux 6 Oracle Linux 5	Product(s):	xorg-x11-server
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test xorg-x11-server-devel is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-common is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xdmx is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xnest is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-source is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xvfb is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xephyr is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xorg is earlier than 0:1.13.0-11.1.el6_4.2 OR rpm test Oracle Linux 5.x AND rpm test xorg-x11-server-Xvnc-source is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xdmx is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xnest is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-sdk is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xvfb is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xorg is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xephyr is earlier than 0:1.1.1-48.101.el5_10.1

Definition Id: oval:org.mitre.oval:def:23525

Oval ID:	oval:org.mitre.oval:def:23525
Title:	ELSA-2013:0898: mesa security update (Moderate)
Description:	Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0898-00 CVE-2013-1993	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	mesa
Definition Synopsis:
Oracle Linux 5.x rpm test mesa-libGLw is earlier than 0:6.5.1-7.11.el5_9 AND glx-utils is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGLU is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGL-devel is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGLU-devel is earlier than 0:6.5.1-7.11.el5_9 AND mesa-source is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGLw-devel is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libOSMesa is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGL is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libOSMesa-devel is earlier than 0:6.5.1-7.11.el5_9 AND mesa is earlier than 0:6.5.1-7.11.el5_9

Definition Id: oval:org.mitre.oval:def:23674

Oval ID:	oval:org.mitre.oval:def:23674
Title:	ELSA-2013:0897: mesa security update (Important)
Description:	Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0897-01 CVE-2013-1872 CVE-2013-1993	Version:	13
Platform(s):	Oracle Linux 6	Product(s):	mesa
Definition Synopsis:
Oracle Linux 6.x rpm test mesa-libGL-devel is earlier than 0:9.0-0.8.el6_4.3 AND glx-utils is earlier than 0:9.0-0.8.el6_4.3 AND mesa-dri-drivers is earlier than 0:9.0-0.8.el6_4.3 AND mesa is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libGLU is earlier than 0:9.0-0.8.el6_4.3 AND mesa-dri-filesystem is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libGL is earlier than 0:9.0-0.8.el6_4.3 AND mesa-demos is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libGLU-devel is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libOSMesa-devel is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libOSMesa is earlier than 0:9.0-0.8.el6_4.3

Definition Id: oval:org.mitre.oval:def:24142

Oval ID:	oval:org.mitre.oval:def:24142
Title:	ELSA-2013:1426: xorg-x11-server security update (Important)
Description:	Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1426-01 CVE-2013-4396	Version:	6
Platform(s):	Oracle Linux 6 Oracle Linux 5	Product(s):	xorg-x11-server
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test xorg-x11-server-devel is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-common is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xdmx is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xnest is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-source is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xvfb is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xephyr is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xorg is earlier than 0:1.13.0-11.1.el6_4.2 OR rpm test Oracle Linux 5.x AND rpm test xorg-x11-server-Xvnc-source is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xdmx is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xnest is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-sdk is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xvfb is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xorg is earlier than 0:1.1.1-48.101.el5_10.1 AND xorg-x11-server-Xephyr is earlier than 0:1.1.1-48.101.el5_10.1

Definition Id: oval:org.mitre.oval:def:25444

Oval ID:	oval:org.mitre.oval:def:25444
Title:	SUSE-SU-2013:1099-2 -- Security update for xorg-x11-libXext
Description:	This update of xorg-x11-libXext fixes several integer overflow issues. Bug 815451/821665 CVE-2013-1982 Security Issues: * CVE-2013-1982 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1982 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1099-2 CVE-2013-1982	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libXext
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libXext RPM is earlier than 0:7.4-1.18.2 AND xorg-x11-libXext-32bit RPM is earlier than 0:7.4-1.18.2

Definition Id: oval:org.mitre.oval:def:25467

Oval ID:	oval:org.mitre.oval:def:25467
Title:	SUSE-SU-2014:0744-1 -- Security update for xorg-x11-server
Description:	This is a SLES 11 SP1 LTSS rollup update for the X.Org Server package. The following security issues have been fixed: * CVE-2013-6424: Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allowed context-dependent attackers to cause a denial of service (crash) via a negative bottom value. * CVE-2013-4396: Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allowed remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure. * CVE-2013-1940: X.Org X server did not properly restrict access to input events when adding a new hot-plug device, which might have allowed physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0744-1 CVE-2013-6424 CVE-2013-4396 CVE-2013-1940	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	xorg-x11-server
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section xorg-x11-Xvnc RPM is earlier than 0:7.4-27.40.70.1 AND xorg-x11-server RPM is earlier than 0:7.4-27.40.70.1 AND xorg-x11-server-extra RPM is earlier than 0:7.4-27.40.70.1

Definition Id: oval:org.mitre.oval:def:25568

Oval ID:	oval:org.mitre.oval:def:25568
Title:	SUSE-SU-2013:1097-2 -- Security update for xorg-x11-libXfixes
Description:	This update of xorg-x11-libXfixes fixed a integer overflow issue. Bug 815451/821667 CVE-2013-1983 Security Issues: * CVE-2013-1983 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1983 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1097-2 CVE-2013-1983	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libXfixes
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libXfixes RPM is earlier than 0:7.4-1.16.2 AND xorg-x11-libXfixes-32bit RPM is earlier than 0:7.4-1.16.2

Definition Id: oval:org.mitre.oval:def:25613

Oval ID:	oval:org.mitre.oval:def:25613
Title:	SUSE-SU-2013:1098-2 -- Security update for Mesa
Description:	This update of Mesa fixes multiple integer overflows. Security Issue reference: * CVE-2013-1993 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1993 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1098-2 CVE-2013-1993	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 10	Product(s):	Mesa
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 10 is installed AND SUSE Linux Enterprise Desktop 10 is installed Packages match section Mesa RPM is earlier than 0:6.4.2-19.20.2 AND Mesa-devel RPM is earlier than 0:6.4.2-19.20.2 AND Mesa-32bit RPM is earlier than 0:6.4.2-19.20.2 AND Mesa-devel-32bit RPM is earlier than 0:6.4.2-19.20.2

Definition Id: oval:org.mitre.oval:def:25628

Oval ID:	oval:org.mitre.oval:def:25628
Title:	SUSE-SU-2013:1095-1 -- Security update for xorg-x11-libXrender
Description:	This update of xorg-x11-libXrender fixes several integer overflow issues (bnc#815451, bnc#821669, CVE-2013-1987). Security Issue reference: * CVE-2013-1987 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1987 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1095-1 CVE-2013-1987	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libXrender
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libXrender RPM is earlier than 0:7.4-1.16.1 AND xorg-x11-libXrender-32bit RPM is earlier than 0:7.4-1.16.1 AND SUSE Linux Enterprise Desktop 11 release section SUSE Linux Enterprise Desktop 11.x is installed AND xorg-x11-libXrender-devel RPM is earlier than 0:7.4-1.16.1

Definition Id: oval:org.mitre.oval:def:25657

Oval ID:	oval:org.mitre.oval:def:25657
Title:	SUSE-SU-2013:1100-2 -- Security update for xorg-x11-libX11
Description:	This update of xorg-x11-libX11 fixes several security issues. Bug 815451/821664 CVE-2013-1981 CVE-2013-1997 CVE-2013-2004 Security Issues: * CVE-2013-1981 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1981 > * CVE-2013-1997 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1997 > * CVE-2013-2004 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2004 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1100-2 CVE-2013-1981 CVE-2013-1997 CVE-2013-2004	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libX11
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libX11 RPM is earlier than 0:7.4-5.11.11.1 AND xorg-x11-libX11-32bit RPM is earlier than 0:7.4-5.11.11.1

Definition Id: oval:org.mitre.oval:def:25667

Oval ID:	oval:org.mitre.oval:def:25667
Title:	SUSE-SU-2013:1100-1 -- Security update for xorg-x11-libX11
Description:	This update of xorg-x11-libX11 fixes several security issues (bnc#815451, bnc#821664).
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1100-1 CVE-2013-1981 CVE-2013-1997 CVE-2013-2004	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libX11
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libX11 RPM is earlier than 0:7.4-5.11.11.1 AND xorg-x11-libX11-32bit RPM is earlier than 0:7.4-5.11.11.1 AND SUSE Linux Enterprise Desktop 11 release section SUSE Linux Enterprise Desktop 11.x is installed AND xorg-x11-libX11-devel RPM is earlier than 0:7.4-5.11.11.1

Definition Id: oval:org.mitre.oval:def:25682

Oval ID:	oval:org.mitre.oval:def:25682
Title:	SUSE-SU-2013:1097-1 -- Security update for xorg-x11-libXfixes
Description:	This update of xorg-x11-libXfixes fixes a integer overflow issue (bnc#815451, bnc#821667, CVE-2013-1983). Security Issue reference: * CVE-2013-1983 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1983 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1097-1 CVE-2013-1983	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libXfixes
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libXfixes RPM is earlier than 0:7.4-1.16.1 AND xorg-x11-libXfixes-32bit RPM is earlier than 0:7.4-1.16.1 AND SUSE Linux Enterprise Desktop 11 release section SUSE Linux Enterprise Desktop 11.x is installed AND xorg-x11-libXfixes-devel RPM is earlier than 0:7.4-1.16.1

Definition Id: oval:org.mitre.oval:def:25685

Oval ID:	oval:org.mitre.oval:def:25685
Title:	SUSE-SU-2013:1102-2 -- Security update for xorg-x11-libXp
Description:	This update of xorg-x11-libXp fixes several integer overflow issues. Bug 815451/821668 CVE-2013-2062 Security Issues: * CVE-2013-2062 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2062 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1102-2 CVE-2013-2062	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libXp
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libXp RPM is earlier than 0:7.4-1.18.1 AND xorg-x11-libXp-32bit RPM is earlier than 0:7.4-1.18.1

Definition Id: oval:org.mitre.oval:def:25707

Oval ID:	oval:org.mitre.oval:def:25707
Title:	SUSE-SU-2013:1099-1 -- Security update for xorg-x11-libXext
Description:	This update of xorg-x11-libXext fixes several integer overflow issues (bnc#815451, bnc#821665, CVE-2013-1982) Security Issue reference: * CVE-2013-1982 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1982 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1099-1 CVE-2013-1982	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libXext
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libXext RPM is earlier than 0:7.4-1.18.1 AND xorg-x11-libXext-32bit RPM is earlier than 0:7.4-1.18.1 AND SUSE Linux Enterprise Desktop 11 release section SUSE Linux Enterprise Desktop 11.x is installed AND xorg-x11-libXext-devel RPM is earlier than 0:7.4-1.18.1

Definition Id: oval:org.mitre.oval:def:25730

Oval ID:	oval:org.mitre.oval:def:25730
Title:	SUSE-SU-2014:0916-1 -- Security update for xorg-x11-libxcb
Description:	This is a SUSE Linux Enterprise Server 11 SP1 LTSS roll up update of xorg-x11-libxcb which fixes a security issue.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0916-1 CVE-2013-2064	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	xorg-x11-libxcb
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section xorg-x11-libxcb RPM is earlier than 0:7.4-1.22.5.15 AND xorg-x11-libxcb-32bit RPM is earlier than 0:7.4-1.22.5.15

Definition Id: oval:org.mitre.oval:def:25745

Oval ID:	oval:org.mitre.oval:def:25745
Title:	SUSE-SU-2013:1101-1 -- Security update for xorg-x11-libXt
Description:	This update of xorg-x11-libXt fixes several integer and buffer overflow issues (bnc#815451, bnc#821670, CVE-2013-2002, CVE-2013-2005).
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1101-1 CVE-2013-2002 CVE-2013-2005	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libXt
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libXt RPM is earlier than 0:7.4-1.19.1 AND xorg-x11-libXt-32bit RPM is earlier than 0:7.4-1.19.1 AND SUSE Linux Enterprise Desktop 11 release section SUSE Linux Enterprise Desktop 11.x is installed AND xorg-x11-libXt-devel RPM is earlier than 0:7.4-1.19.1

Definition Id: oval:org.mitre.oval:def:25764

Oval ID:	oval:org.mitre.oval:def:25764
Title:	SUSE-SU-2013:1102-1 -- Security update for xorg-x11-libXp
Description:	This update of xorg-x11-libXp fixes several integer overflow issues (bnc#815451, bnc#821668, CVE-2013-2062). Security Issue reference: * CVE-2013-2062 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2062 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1102-1 CVE-2013-2062	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libXp
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libXp RPM is earlier than 0:7.4-1.18.1 AND xorg-x11-libXp-32bit RPM is earlier than 0:7.4-1.18.1 AND SUSE Linux Enterprise Desktop 11 release section SUSE Linux Enterprise Desktop 11.x is installed AND xorg-x11-libXp-devel RPM is earlier than 0:7.4-1.18.1

Definition Id: oval:org.mitre.oval:def:25780

Oval ID:	oval:org.mitre.oval:def:25780
Title:	SUSE-SU-2013:1095-2 -- Security update for xorg-x11-libXrender
Description:	This update of xorg-x11-libXrender fixes several integer overflow issues. Bug 815451/821669 CVE-2013-1987 Security Issues: * CVE-2013-1987 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1987 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1095-2 CVE-2013-1987	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libXrender
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libXrender RPM is earlier than 0:7.4-1.16.2 AND xorg-x11-libXrender-32bit RPM is earlier than 0:7.4-1.16.2

Definition Id: oval:org.mitre.oval:def:25786

Oval ID:	oval:org.mitre.oval:def:25786
Title:	SUSE-SU-2013:1096-1 -- Security update for xorg-x11-libxcb
Description:	This update for xorg-x11-libxcb addresses the following security issues: * Fix a deadlock with multi-threaded applications running on real time kernels. (bnc#818829) * Fix an integer overflow in read_packet(). (bnc#821584, CVE-2013-2064) Security Issues: * CVE-2013-2064 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2064 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1096-1 CVE-2013-2064	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libxcb
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libxcb RPM is earlier than 0:7.4-1.22.5.1 AND xorg-x11-libxcb-32bit RPM is earlier than 0:7.4-1.22.5.1 AND SUSE Linux Enterprise Desktop 11 release section SUSE Linux Enterprise Desktop 11.x is installed AND xorg-x11-libxcb-devel RPM is earlier than 0:7.4-1.22.5.1

Definition Id: oval:org.mitre.oval:def:25813

Oval ID:	oval:org.mitre.oval:def:25813
Title:	SUSE-SU-2013:1101-2 -- Security update for xorg-x11-libXt
Description:	This update of xorg-x11-libXt fixes several integer and buffer overflow issues. Bug 815451/821670 CVE-2013-2002/CVE-2013-2005 Security Issues: * CVE-2013-2002 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2002 > * CVE-2013-2005 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2005 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1101-2 CVE-2013-2002 CVE-2013-2005	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libXt
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libXt RPM is earlier than 0:7.4-1.19.2 AND xorg-x11-libXt-32bit RPM is earlier than 0:7.4-1.19.2

Definition Id: oval:org.mitre.oval:def:25825

Oval ID:	oval:org.mitre.oval:def:25825
Title:	SUSE-SU-2014:0906-1 -- Security update for Mesa
Description:	This is a SUSE Linux Enterprise Server 11 SP1 LTSS roll up update of Mesa, fixing security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0906-1 CVE-2013-1993	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	Mesa
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section Mesa RPM is earlier than 0:7.7-5.12.38 AND Mesa-32bit RPM is earlier than 0:7.7-5.12.38

Definition Id: oval:org.mitre.oval:def:25829

Oval ID:	oval:org.mitre.oval:def:25829
Title:	SUSE-SU-2013:1103-2 -- Security update for xorg-x11-libs
Description:	This update of xorg-x11-libs fixes several integer and buffer overflow issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1103-2 CVE-2013-1984 CVE-2013-1985 CVE-2013-1986 CVE-2013-1988 CVE-2013-1990 CVE-2013-1991 CVE-2013-1992 CVE-2013-1995 CVE-2013-1996 CVE-2013-1998 CVE-2013-1999 CVE-2013-2000 CVE-2013-2001 CVE-2013-2003 CVE-2013-2063	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libs
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libs RPM is earlier than 0:7.4-8.26.38.1 AND xorg-x11-libs-32bit RPM is earlier than 0:7.4-8.26.38.1

Definition Id: oval:org.mitre.oval:def:25861

Oval ID:	oval:org.mitre.oval:def:25861
Title:	SUSE-SU-2013:1104-2 -- Security update for xorg-x11-libXv
Description:	This update of xorg-x11-libXv fixes several integer and buffer overflow issues. Bug 815451/821671 CVE-2013-1989/CVE-2013-2066 Security Issues: * CVE-2013-1989 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1989 > * CVE-2013-2066 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2066 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1104-2 CVE-2013-1989 CVE-2013-2066	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libXv
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libXv RPM is earlier than 0:7.4-1.16.2 AND xorg-x11-libXv-32bit RPM is earlier than 0:7.4-1.16.2

Definition Id: oval:org.mitre.oval:def:25886

Oval ID:	oval:org.mitre.oval:def:25886
Title:	SUSE-SU-2013:0859-1 -- Security update for Xorg
Description:	This update of xorg-x11-server fixes one security issue and two bugs.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0859-1 CVE-2013-1940	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	Xorg
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-Xvnc RPM is earlier than 0:7.4-27.70.72.1 AND xorg-x11-server RPM is earlier than 0:7.4-27.70.72.1 AND xorg-x11-server-extra RPM is earlier than 0:7.4-27.70.72.1

Definition Id: oval:org.mitre.oval:def:25897

Oval ID:	oval:org.mitre.oval:def:25897
Title:	SUSE-SU-2013:1104-1 -- Security update for xorg-x11-libXv
Description:	This update of xorg-x11-libXv fixes several integer and buffer overflow issues (bnc#815451, bnc#821671, CVE-2013-1989, CVE-2013-2066).
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1104-1 CVE-2013-1989 CVE-2013-2066	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libXv
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libXv RPM is earlier than 0:7.4-1.16.1 AND xorg-x11-libXv-32bit RPM is earlier than 0:7.4-1.16.1 AND SUSE Linux Enterprise Desktop 11 release section SUSE Linux Enterprise Desktop 11.x is installed AND xorg-x11-libXv-devel RPM is earlier than 0:7.4-1.16.1

Definition Id: oval:org.mitre.oval:def:25916

Oval ID:	oval:org.mitre.oval:def:25916
Title:	SUSE-SU-2013:1183-1 -- Security update for xorg-x11
Description:	This update of xorg-x11 fixes several security vulnerabilities. * Bug 815451- X.Org Security Advisory: May 23, 2013 * Bug 821664 - libX11 * Bug 821671 - libXv * Bug 821670 - libXt * Bug 821669 - libXrender * Bug 821668 - libXp * Bug 821667 - libXfixes * Bug 821665 - libXext * Bug 821663 - libFS, libXcursor, libXi, libXinerama, libXRes, libXtst, libXvMC, libXxf86dga, libXxf86vm, libdmx
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1183-1 CVE-2013-1981 CVE-2013-1982 CVE-2013-1983 CVE-2013-1984 CVE-2013-1985 CVE-2013-1987 CVE-2013-1988 CVE-2013-1989 CVE-2013-1990 CVE-2013-1991 CVE-2013-1992 CVE-2013-1995 CVE-2013-1996 CVE-2013-1997 CVE-2013-1998 CVE-2013-1999 CVE-2013-2000 CVE-2013-2001 CVE-2013-2002 CVE-2013-2003 CVE-2013-2004 CVE-2013-2005 CVE-2013-2062 CVE-2013-2063 CVE-2013-2066	Version:	5
Platform(s):	SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 10	Product(s):	xorg-x11
Definition Synopsis:
SUSE Linux Enterprise Server 10 and SUSE Linux Enterprise Desktop 10 release section Operation system section SUSE Linux Enterprise Server 10 is installed AND SUSE Linux Enterprise Desktop 10 is installed Packages match section xorg-x11 RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-Xnest RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-Xvfb RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-Xvnc RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-devel RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-fonts-100dpi RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-fonts-75dpi RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-fonts-cyrillic RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-fonts-scalable RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-fonts-syriac RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-libs RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-man RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-server RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-server-glx RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-devel-32bit RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-libs-32bit RPM is earlier than 0:6.9.0-50.84.4 AND SUSE Linux Enterprise Server 10 release section SUSE Linux Enterprise Server 10 is installed Packages match section xorg-x11-doc RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-sdk RPM is earlier than 0:6.9.0-50.84.4

Definition Id: oval:org.mitre.oval:def:25969

Oval ID:	oval:org.mitre.oval:def:25969
Title:	SUSE-SU-2013:1103-1 -- Security update for xorg-x11-libs
Description:	This update of xorg-x11-libs fixes several integer and buffer overflow issues (bnc#815451, bnc#821663).
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1103-1 CVE-2013-1984 CVE-2013-1985 CVE-2013-1986 CVE-2013-1988 CVE-2013-1990 CVE-2013-1991 CVE-2013-1992 CVE-2013-1995 CVE-2013-1996 CVE-2013-1998 CVE-2013-1999 CVE-2013-2000 CVE-2013-2001 CVE-2013-2003 CVE-2013-2063	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libs
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libs RPM is earlier than 0:7.4-8.26.36.1 AND xorg-x11-libs-32bit RPM is earlier than 0:7.4-8.26.36.1 AND SUSE Linux Enterprise Desktop 11 release section SUSE Linux Enterprise Desktop 11.x is installed AND xorg-x11-devel RPM is earlier than 0:7.4-8.26.36.1

Definition Id: oval:org.mitre.oval:def:26026

Oval ID:	oval:org.mitre.oval:def:26026
Title:	SUSE-SU-2013:0857-1 -- Security update for xorg-x11-server
Description:	In some cases, input events are sent to X servers not currently the VT owner, allowing a user to capture passwords. This update fixes this issue. CVE-2013-1940 has been assigned to this issue. Security Issue reference: * CVE-2013-1940 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1940 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0857-1 CVE-2013-1940	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 10	Product(s):	xorg-x11-server
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 10 is installed AND SUSE Linux Enterprise Desktop 10 is installed AND xorg-x11-server RPM is earlier than 0:6.9.0-50.82.1

Definition Id: oval:org.mitre.oval:def:26027

Oval ID:	oval:org.mitre.oval:def:26027
Title:	SUSE-SU-2013:1098-1 -- Security update for Mesa
Description:	This update of Mesa fixes multiple integer overflows. Security Issue reference: * CVE-2013-1993 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1993 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1098-1 CVE-2013-1993	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	Mesa
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section Mesa RPM is earlier than 0:7.11.2-0.9.1 AND Mesa-32bit RPM is earlier than 0:7.11.2-0.9.1

Definition Id: oval:org.mitre.oval:def:26059

Oval ID:	oval:org.mitre.oval:def:26059
Title:	SUSE-SU-2014:0882-1 -- Security update for xorg-x11-libXv
Description:	This is a SUSE Linux Enterprise Server 11 SP1 LTSS roll up update of xorg-x11-libXv, fixing security issues and some bugs.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0882-1 CVE-2013-1989 CVE-2013-2066	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	xorg-x11-libXv
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section xorg-x11-libXv RPM is earlier than 0:7.4-1.16.8 AND xorg-x11-libXv-32bit RPM is earlier than 0:7.4-1.16.8

Definition Id: oval:org.mitre.oval:def:26104

Oval ID:	oval:org.mitre.oval:def:26104
Title:	SUSE-SU-2014:0915-1 -- Security update for xorg-x11-libXp
Description:	This is a SUSE Linux Enterprise Server 11 SP1 LTSS roll up update of xorg-x11-libXp which fixes a security issue.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0915-1 CVE-2013-2062	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	xorg-x11-libXp
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section xorg-x11-libXp RPM is earlier than 0:7.4-1.18.7 AND xorg-x11-libXp-32bit RPM is earlier than 0:7.4-1.18.7

Definition Id: oval:org.mitre.oval:def:26143

Oval ID:	oval:org.mitre.oval:def:26143
Title:	SUSE-SU-2014:0898-1 -- Security update for xorg-x11-libXt
Description:	This is a SUSE Linux Enterprise Server 11 SP1 LTSS roll up update of xorg-x11-libXt, fixing security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0898-1 CVE-2013-2002 CVE-2013-2005	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	xorg-x11-libXt
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section xorg-x11-libXt RPM is earlier than 0:7.4-1.19.8 AND xorg-x11-libXt-32bit RPM is earlier than 0:7.4-1.19.8

Definition Id: oval:org.mitre.oval:def:26144

Oval ID:	oval:org.mitre.oval:def:26144
Title:	SUSE-SU-2014:0893-1 -- Security update for xorg-x11-libX11
Description:	This is a SUSE Linux Enterprise Server 11 SP1 LTSS roll up update of xorg-x11-libX11, fixing a security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0893-1 CVE-2013-1981 CVE-2013-1997 CVE-2013-2004	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	xorg-x11-libX11
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section xorg-x11-libX11 RPM is earlier than 0:7.4-5.11.11.7 AND xorg-x11-libX11-32bit RPM is earlier than 0:7.4-5.11.11.7

Definition Id: oval:org.mitre.oval:def:26146

Oval ID:	oval:org.mitre.oval:def:26146
Title:	SUSE-SU-2014:0900-1 -- Security update for xorg-x11-libXfixes
Description:	This is a SUSE Linux Enterprise Server 11 SP1 LTSS roll up update of xorg-x11-libXfixes, fixing a security issue.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0900-1 CVE-2013-1983	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	xorg-x11-libXfixes
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section xorg-x11-libXfixes RPM is earlier than 0:7.4-1.16.8 AND xorg-x11-libXfixes-32bit RPM is earlier than 0:7.4-1.16.8

Definition Id: oval:org.mitre.oval:def:26151

Oval ID:	oval:org.mitre.oval:def:26151
Title:	SUSE-SU-2014:0883-1 -- Security update for xorg-x11-libXext
Description:	This is a SUSE Linux Enterprise Server 11 SP1 LTSS roll up update of xorg-x11-libXext, fixing a security issue.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0883-1 CVE-2013-1982	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	xorg-x11-libXext
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section xorg-x11-libXext RPM is earlier than 0:7.4-1.18.16 AND xorg-x11-libXext-32bit RPM is earlier than 0:7.4-1.18.16

Definition Id: oval:org.mitre.oval:def:26243

Oval ID:	oval:org.mitre.oval:def:26243
Title:	SUSE-SU-2014:0919-1 -- Security update for xorg-x11-libXrender
Description:	This is a SUSE Linux Enterprise Server 11 SP1 LTSS roll up update of xorg-x11-libXrender which fixes a security issue.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0919-1 CVE-2013-1987	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	xorg-x11-libXrender
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section xorg-x11-libXrender RPM is earlier than 0:7.4-1.16.8 AND xorg-x11-libXrender-32bit RPM is earlier than 0:7.4-1.16.8

Definition Id: oval:org.mitre.oval:def:26508

Oval ID:	oval:org.mitre.oval:def:26508
Title:	ELSA-2013-1620 -- xorg-x11-server security and bug fix update (low)
Description:	[1.13.0-23] - Fix root window damage reports when Xinerama is active (#919165)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-1620 CVE-2013-1940	Version:	3
Platform(s):	Oracle Linux 6	Product(s):	xorg-x11-server
Definition Synopsis:
Oracle Linux 6.x Packages match section xorg-x11-server is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-Xdmx is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-Xephyr is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-Xnest is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-Xorg is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-Xvfb is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-common is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-devel is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-source is earlier than 0:1.13.0-23.el6

Definition Id: oval:org.mitre.oval:def:26759

Oval ID:	oval:org.mitre.oval:def:26759
Title:	RHSA-2014:1436: X11 client libraries security, bug fix, and enhancement update (Moderate)
Description:	The X11 (Xorg) libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an X11 server via a malicious X11 client could use either of these flaws to potentially escalate their privileges on the system. (CVE-2013-1981, CVE-2013-1982, CVE-2013-1983, CVE-2013-1984, CVE-2013-1985, CVE-2013-1986, CVE-2013-1987, CVE-2013-1988, CVE-2013-1989, CVE-2013-1990, CVE-2013-1991, CVE-2013-2003, CVE-2013-2062, CVE-2013-2064) Multiple array index errors, leading to heap-based buffer out-of-bounds write flaws, were found in the way various X11 client libraries handled data returned from an X11 server. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-1997, CVE-2013-1998, CVE-2013-1999, CVE-2013-2000, CVE-2013-2001, CVE-2013-2002, CVE-2013-2066) A buffer overflow flaw was found in the way the XListInputDevices() function of X.Org X11's libXi runtime library handled signed numbers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-1995) A flaw was found in the way the X.Org X11 libXt runtime library used uninitialized pointers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-2005) Two stack-based buffer overflow flaws were found in the way libX11, the Core X11 protocol client library, processed certain user-specified files. A malicious X11 server could possibly use this flaw to crash an X11 client via a specially crafted file. (CVE-2013-2004) The xkeyboard-config package has been upgraded to upstream version 2.11, which provides a number of bug fixes and enhancements over the previous version. (BZ#1077471) This update also fixes the following bugs: * Previously, updating the mesa-libGL package did not update the libX11 package, although it was listed as a dependency of mesa-libGL. This bug has been fixed and updating mesa-libGL now updates all dependent packages as expected. (BZ#1054614) * Previously, closing a customer application could occasionally cause the X Server to terminate unexpectedly. After this update, the X Server no longer hangs when a user closes a customer application. (BZ#971626) All X11 client libraries users are advised to upgrade to these updated packages, which correct these issues and add these enhancements.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1436-01 CVE-2013-1981 CVE-2013-1982 CVE-2013-1983 CVE-2013-1984 CVE-2013-1985 CVE-2013-1986 CVE-2013-1987 CVE-2013-1988 CVE-2013-1989 CVE-2013-1990 CVE-2013-1991 CVE-2013-1995 CVE-2013-1997 CVE-2013-1998 CVE-2013-1999 CVE-2013-2000 CVE-2013-2001 CVE-2013-2002 CVE-2013-2003 CVE-2013-2004 CVE-2013-2005 CVE-2013-2062 CVE-2013-2064 CVE-2013-2066 CESA-2014:1436-CentOS 6	Version:	5
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	libX11 libXcursor libXext libXfixes libXi libXinerama libXp libXrandr libXrender libXres libXt libXtst libXv libXvMC libXxf86dga libXxf86vm libdmx libxcb xcb-proto xkeyboard-config xorg-x11-proto-devel xorg-x11-xtrans-devel
Definition Synopsis:
Red Hat Enterprise Linux 6 and CentOS Linux 6 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages match section libX11 is earlier than 0:1.6.0-2.2.el6 AND libX11-common is earlier than 0:1.6.0-2.2.el6 AND libX11-devel is earlier than 0:1.6.0-2.2.el6 AND libXcursor is earlier than 0:1.1.14-2.1.el6 AND libXcursor-devel is earlier than 0:1.1.14-2.1.el6 AND libXext is earlier than 0:1.3.2-2.1.el6 AND libXext-devel is earlier than 0:1.3.2-2.1.el6 AND libXfixes is earlier than 0:5.0.1-2.1.el6 AND libXfixes-devel is earlier than 0:5.0.1-2.1.el6 AND libXi is earlier than 0:1.7.2-2.2.el6 AND libXi-devel is earlier than 0:1.7.2-2.2.el6 AND libXinerama is earlier than 0:1.1.3-2.1.el6 AND libXinerama-devel is earlier than 0:1.1.3-2.1.el6 AND libXp is earlier than 0:1.0.2-2.1.el6 AND libXp-devel is earlier than 0:1.0.2-2.1.el6 AND libXrandr is earlier than 0:1.4.1-2.1.el6 AND libXrandr-devel is earlier than 0:1.4.1-2.1.el6 AND libXrender is earlier than 0:0.9.8-2.1.el6 AND libXrender-devel is earlier than 0:0.9.8-2.1.el6 AND libXres is earlier than 0:1.0.7-2.1.el6 AND libXres-devel is earlier than 0:1.0.7-2.1.el6 AND libXt is earlier than 0:1.1.4-6.1.el6 AND libXt-devel is earlier than 0:1.1.4-6.1.el6 AND libXtst is earlier than 0:1.2.2-2.1.el6 AND libXtst-devel is earlier than 0:1.2.2-2.1.el6 AND libXv is earlier than 0:1.0.9-2.1.el6 AND libXv-devel is earlier than 0:1.0.9-2.1.el6 AND libXvMC is earlier than 0:1.0.8-2.1.el6 AND libXvMC-devel is earlier than 0:1.0.8-2.1.el6 AND libXxf86dga is earlier than 0:1.1.4-2.1.el6 AND libXxf86dga-devel is earlier than 0:1.1.4-2.1.el6 AND libXxf86vm is earlier than 0:1.1.3-2.1.el6 AND libXxf86vm-devel is earlier than 0:1.1.3-2.1.el6 AND libdmx is earlier than 0:1.1.3-3.el6 AND libdmx-devel is earlier than 0:1.1.3-3.el6 AND libxcb is earlier than 0:1.9.1-2.el6 AND libxcb-devel is earlier than 0:1.9.1-2.el6 AND libxcb-doc is earlier than 0:1.9.1-2.el6 AND libxcb-python is earlier than 0:1.9.1-2.el6 AND xcb-proto is earlier than 0:1.8-3.el6 AND xkeyboard-config is earlier than 0:2.11-1.el6 AND xkeyboard-config-devel is earlier than 0:2.11-1.el6 AND xorg-x11-proto-devel is earlier than 0:7.7-9.el6 AND xorg-x11-xtrans-devel is earlier than 0:1.3.4-1.el6 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section libX11-debuginfo is earlier than 0:1.6.0-2.2.el6 AND libXcursor-debuginfo is earlier than 0:1.1.14-2.1.el6 AND libXext-debuginfo is earlier than 0:1.3.2-2.1.el6 AND libXfixes-debuginfo is earlier than 0:5.0.1-2.1.el6 AND libXi-debuginfo is earlier than 0:1.7.2-2.2.el6 AND libXinerama-debuginfo is earlier than 0:1.1.3-2.1.el6 AND libXp-debuginfo is earlier than 0:1.0.2-2.1.el6 AND libXrandr-debuginfo is earlier than 0:1.4.1-2.1.el6 AND libXrender-debuginfo is earlier than 0:0.9.8-2.1.el6 AND libXres-debuginfo is earlier than 0:1.0.7-2.1.el6 AND libXt-debuginfo is earlier than 0:1.1.4-6.1.el6 AND libXtst-debuginfo is earlier than 0:1.2.2-2.1.el6 AND libXv-debuginfo is earlier than 0:1.0.9-2.1.el6 AND libXvMC-debuginfo is earlier than 0:1.0.8-2.1.el6 AND libXxf86dga-debuginfo is earlier than 0:1.1.4-2.1.el6 AND libXxf86vm-debuginfo is earlier than 0:1.1.3-2.1.el6 AND libdmx-debuginfo is earlier than 0:1.1.3-3.el6 AND libxcb-debuginfo is earlier than 0:1.9.1-2.el6

Definition Id: oval:org.mitre.oval:def:27049

Oval ID:	oval:org.mitre.oval:def:27049
Title:	RHSA-2013:1620 -- xorg-x11-server security and bug fix update (Low)
Description:	X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. A flaw was found in the way the X.org X11 server registered new hot plugged devices. If a local user switched to a different session and plugged in a new device, input from that device could become available in the previous session, possibly leading to information disclosure. (CVE-2013-1940) This issue was found by David Airlie and Peter Hutterer of Red Hat. This update also fixes the following bugs: * A previous upstream patch modified the Xephyr X server to be resizeable, however, it did not enable the resize functionality by default. As a consequence, X sandboxes were not resizeable on Red Hat Enterprise Linux 6.4 and later. This update enables the resize functionality by default so that X sandboxes can now be resized as expected. (BZ#915202) * In Red Hat Enterprise Linux 6, the X Security extension (XC-SECURITY) has been disabled and replaced by X Access Control Extension (XACE). However, XACE does not yet include functionality that was previously available in XC-SECURITY. With this update, XC-SECURITY is enabled in the xorg-x11-server spec file on Red Hat Enterprise Linux 6. (BZ#957298) * Upstream code changes to extension initialization accidentally disabled the GLX extension in Xvfb (the X virtual frame buffer), rendering headless 3D applications not functional. An upstream patch to this problem has been backported so the GLX extension is enabled again, and applications relying on this extension work as expected. (BZ#969538) All xorg-x11-server users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1620 CESA-2013:1620 CVE-2013-1940	Version:	3
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	xorg-x11-server
Definition Synopsis:
Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section xorg-x11-server-Xdmx is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-Xephyr is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-Xnest is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-Xorg is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-Xvfb is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-common is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-debuginfo is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-devel is earlier than 0:1.13.0-23.el6 AND xorg-x11-server-source is earlier than 0:1.13.0-23.el6 AND CentOS Linux 6 release section The operating system installed on the system is CentOS Linux 6.x Packages match section xorg-x11-server-common is earlier than 0:1.13.0-23.el6.centos AND xorg-x11-server-devel is earlier than 0:1.13.0-23.el6.centos AND xorg-x11-server-source is earlier than 0:1.13.0-23.el6.centos AND xorg-x11-server-Xdmx is earlier than 0:1.13.0-23.el6.centos AND xorg-x11-server-Xephyr is earlier than 0:1.13.0-23.el6.centos AND xorg-x11-server-Xnest is earlier than 0:1.13.0-23.el6.centos AND xorg-x11-server-Xorg is earlier than 0:1.13.0-23.el6.centos AND xorg-x11-server-Xvfb is earlier than 0:1.13.0-23.el6.centos

Definition Id: oval:org.mitre.oval:def:27390

Oval ID:	oval:org.mitre.oval:def:27390
Title:	DEPRECATED: ELSA-2013-0898 -- mesa security update (moderate)
Description:	[6.5.1-7.11] - CVE-2013-1993 - buffer overflows in DRI protocol (#963066)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0898 CVE-2013-1993	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	mesa
Definition Synopsis:
Oracle Linux 5.x Packages match section mesa is earlier than 0:6.5.1-7.11.el5_9 AND glx-utils is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGL is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGL-devel is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGLU is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGLU-devel is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGLw is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libGLw-devel is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libOSMesa is earlier than 0:6.5.1-7.11.el5_9 AND mesa-libOSMesa-devel is earlier than 0:6.5.1-7.11.el5_9 AND mesa-source is earlier than 0:6.5.1-7.11.el5_9

Definition Id: oval:org.mitre.oval:def:27472

Oval ID:	oval:org.mitre.oval:def:27472
Title:	DEPRECATED: ELSA-2013-1426 -- xorg-x11-server security update (important)
Description:	[1.13.0-11.1.2] - CVE-2013-4396: Fix use-after free in ImageText requests (#1014561)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-1426 CVE-2013-4396	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	xorg-x11-server
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section xorg-x11-server is earlier than 0:1.1.1-48.101.0.1.el5_10.1 AND xorg-x11-server-Xdmx is earlier than 0:1.1.1-48.101.0.1.el5_10.1 AND xorg-x11-server-Xephyr is earlier than 0:1.1.1-48.101.0.1.el5_10.1 AND xorg-x11-server-Xnest is earlier than 0:1.1.1-48.101.0.1.el5_10.1 AND xorg-x11-server-Xorg is earlier than 0:1.1.1-48.101.0.1.el5_10.1 AND xorg-x11-server-Xvfb is earlier than 0:1.1.1-48.101.0.1.el5_10.1 AND xorg-x11-server-Xvnc-source is earlier than 0:1.1.1-48.101.0.1.el5_10.1 AND xorg-x11-server-sdk is earlier than 0:1.1.1-48.101.0.1.el5_10.1 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section xorg-x11-server is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xdmx is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xephyr is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xnest is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xorg is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-Xvfb is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-common is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-devel is earlier than 0:1.13.0-11.1.el6_4.2 AND xorg-x11-server-source is earlier than 0:1.13.0-11.1.el6_4.2

Definition Id: oval:org.mitre.oval:def:27564

Oval ID:	oval:org.mitre.oval:def:27564
Title:	DEPRECATED: ELSA-2013-0897 -- mesa security update (important)
Description:	[9.0-0.8.3] - CVE-2013-1872: Updated patch with testing from upstream (#963063) [9.0-0.8.2] - CVE-2013-1872: Updated patch from upstream (#963063) [9.0-0.8.1] - CVE-2013-1872: Updated patch (#963063) [9.0-0.8] - CVE-2013-1872: memory corruption oob read/write on intel (#963063) - CVE-2013-1993: interger overflows in protocol handling (#961613)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0897 CVE-2013-1872 CVE-2013-1993	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	mesa
Definition Synopsis:
Oracle Linux 6.x Packages match section mesa is earlier than 0:9.0-0.8.el6_4.3 AND glx-utils is earlier than 0:9.0-0.8.el6_4.3 AND mesa-demos is earlier than 0:9.0-0.8.el6_4.3 AND mesa-dri-drivers is earlier than 0:9.0-0.8.el6_4.3 AND mesa-dri-filesystem is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libGL is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libGL-devel is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libGLU is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libGLU-devel is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libOSMesa is earlier than 0:9.0-0.8.el6_4.3 AND mesa-libOSMesa-devel is earlier than 0:9.0-0.8.el6_4.3

Definition Id: oval:org.mitre.oval:def:29114

Oval ID:	oval:org.mitre.oval:def:29114
Title:	DSA-2675-2 -- libxvmc -- several vulnerabilities
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2675-2 CVE-2013-1990 CVE-2013-1999	Version:	3
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	libxvmc
Definition Synopsis:
Debian 6 Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxvmc is earlier than 2:1.0.5-1+squeeze2 OR Debian 7 Debian 7 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxvmc is earlier than 2:1.0.7-1+deb7u2

CPE : Common Platform Enumeration

Type	Description	Count
Application	mesa3d Mesa cpe:2.3:a:mesa3d:mesa:9.1:::::::* cpe:2.3:a:mesa3d:mesa:9.0.3:::::::* cpe:2.3:a:mesa3d:mesa:9.0.2:::::::* cpe:2.3:a:mesa3d:mesa:9.0.1:::::::* cpe:2.3:a:mesa3d:mesa:9.0:::::::* cpe:2.3:a:mesa3d:mesa:8.0.5:::::::* cpe:2.3:a:mesa3d:mesa:8.0.4:::::::* cpe:2.3:a:mesa3d:mesa:8.0.3:::::::* cpe:2.3:a:mesa3d:mesa:8.0.2:::::::* cpe:2.3:a:mesa3d:mesa:8.0.1:::::::* cpe:2.3:a:mesa3d:mesa:8.0:::::::*	11
Application	Oracle Secure Global Desktop cpe:2.3:a:oracle:secure_global_desktop:5.2:::::::* cpe:2.3:a:oracle:secure_global_desktop:4.71:::::::*	2
Application	X Libchromexvmc cpe:2.3:a:x:libchromexvmc:-:::::::*	1
Application	X Libchromexvmcpro cpe:2.3:a:x:libchromexvmcpro:-:::::::*	1
Application	X Libdmx cpe:2.3:a:x:libdmx:1.1.1:::::::* cpe:2.3:a:x:libdmx:1.1.0:::::::* cpe:2.3:a:x:libdmx:1.0.99.1:::::::* cpe:2.3:a:x:libdmx:1.0.2:::::::*	4
Application	X Libfs cpe:2.3:a:x:libfs:1.0.3:::::::* cpe:2.3:a:x:libfs:1.0.2:::::::* cpe:2.3:a:x:libfs:1.0.1:::::::*	3
Application	X Libglx cpe:2.3:a:x:libglx:-:::::::*	1
Application	X libx11 cpe:2.3:a:x:libx11:1.5.0:::::::*	1
Application	X Libxcb cpe:2.3:a:x:libxcb:1.8.1:::::::* cpe:2.3:a:x:libxcb:1.8:::::::* cpe:2.3:a:x:libxcb:1.7:::::::* cpe:2.3:a:x:libxcb:1.6:::::::* cpe:2.3:a:x:libxcb:1.5:::::::* cpe:2.3:a:x:libxcb:1.4:::::::* cpe:2.3:a:x:libxcb:1.3:::::::* cpe:2.3:a:x:libxcb:1.2:::::::* cpe:2.3:a:x:libxcb:1.1.93:::::::* cpe:2.3:a:x:libxcb:1.1.92:::::::* cpe:2.3:a:x:libxcb:1.1.91:::::::* cpe:2.3:a:x:libxcb:1.1.90.1:::::::*	12
Application	X Libxcursor cpe:2.3:a:x:libxcursor:1.1.9:::::::* cpe:2.3:a:x:libxcursor:1.1.8:::::::* cpe:2.3:a:x:libxcursor:1.1.7:::::::* cpe:2.3:a:x:libxcursor:1.1.6:::::::* cpe:2.3:a:x:libxcursor:1.1.12:::::::* cpe:2.3:a:x:libxcursor:1.1.11:::::::* cpe:2.3:a:x:libxcursor:1.1.10:::::::* cpe:2.3:a:x:libxcursor::::::::	8
Application	X Libxext cpe:2.3:a:x:libxext:1.3.0:::::::* cpe:2.3:a:x:libxext:1.2.0:::::::* cpe:2.3:a:x:libxext:1.1.2:::::::* cpe:2.3:a:x:libxext:1.1.1:::::::* cpe:2.3:a:x:libxext:1.1:::::::* cpe:2.3:a:x:libxext:1.0.99.4:::::::* cpe:2.3:a:x:libxext:1.0.99.3:::::::* cpe:2.3:a:x:libxext:1.0.99.2:::::::*	8
Application	X Libxfixes cpe:2.3:a:x:libxfixes:4.0.5:::::::* cpe:2.3:a:x:libxfixes:4.0.4:::::::* cpe:2.3:a:x:libxfixes:4.0.3:::::::* cpe:2.3:a:x:libxfixes:4.0.2:::::::* cpe:2.3:a:x:libxfixes:4.0.1:::::::* cpe:2.3:a:x:libxfixes:4.0:::::::*	6
Application	X Libxinerama cpe:2.3:a:x:libxinerama:1.1.1:::::::* cpe:2.3:a:x:libxinerama:1.1:::::::* cpe:2.3:a:x:libxinerama:1.0.99.1:::::::* cpe:2.3:a:x:libxinerama:1.0.3:::::::* cpe:2.3:a:x:libxinerama:1.0.2:::::::*	5
Application	X Libxp cpe:2.3:a:x:libxp:1.0.0:::::::*	1
Application	X Libxrandr cpe:2.3:a:x:libxrandr:1.3.2:::::::* cpe:2.3:a:x:libxrandr:1.3.1:::::::* cpe:2.3:a:x:libxrandr:1.3.0:::::::* cpe:2.3:a:x:libxrandr:1.2.99.4:::::::* cpe:2.3:a:x:libxrandr:1.2.99.3:::::::* cpe:2.3:a:x:libxrandr:1.2.99.2:::::::* cpe:2.3:a:x:libxrandr:1.2.99.1:::::::* cpe:2.3:a:x:libxrandr:1.2.3:::::::*	8
Application	X Libxrender cpe:2.3:a:x:libxrender:0.9.6:::::::* cpe:2.3:a:x:libxrender:0.9.5:::::::* cpe:2.3:a:x:libxrender:0.9.4:::::::* cpe:2.3:a:x:libxrender:0.9.3:::::::* cpe:2.3:a:x:libxrender:0.9.2:::::::* cpe:2.3:a:x:libxrender:0.9.1:::::::*	6
Application	X Libxres cpe:2.3:a:x:libxres:1.0.5:::::::* cpe:2.3:a:x:libxres:1.0.4:::::::* cpe:2.3:a:x:libxres:1.0.3:::::::* cpe:2.3:a:x:libxres:1.0.2:::::::* cpe:2.3:a:x:libxres:1.0.1:::::::*	5
Application	X Libxt cpe:2.3:a:x:libxt:1.1.2:::::::* cpe:2.3:a:x:libxt:1.1.1:::::::* cpe:2.3:a:x:libxt:1.0.9:::::::* cpe:2.3:a:x:libxt:1.0.8:::::::* cpe:2.3:a:x:libxt:1.0.7:::::::* cpe:2.3:a:x:libxt:1.0.6:::::::* cpe:2.3:a:x:libxt:1.0.5:::::::* cpe:2.3:a:x:libxt:1.0.4:::::::* cpe:2.3:a:x:libxt:1.0.3:::::::*	9
Application	X Libxtst cpe:2.3:a:x:libxtst:1.2.0:::::::* cpe:2.3:a:x:libxtst:1.1.0:::::::* cpe:2.3:a:x:libxtst:1.0.99.2:::::::* cpe:2.3:a:x:libxtst:1.0.99.1:::::::* cpe:2.3:a:x:libxtst:1.0.3:::::::* cpe:2.3:a:x:libxtst:1.0.2:::::::*	6
Application	X Libxv cpe:2.3:a:x:libxv:1.0.6:::::::* cpe:2.3:a:x:libxv:1.0.5:::::::* cpe:2.3:a:x:libxv:1.0.4:::::::* cpe:2.3:a:x:libxv:1.0.3:::::::* cpe:2.3:a:x:libxv:1.0.2:::::::*	5
Application	X Libxvmc cpe:2.3:a:x:libxvmc:1.0.6:::::::* cpe:2.3:a:x:libxvmc:1.0.5:::::::* cpe:2.3:a:x:libxvmc:1.0.4:::::::* cpe:2.3:a:x:libxvmc:1.0.3:::::::* cpe:2.3:a:x:libxvmc:1.0.2:::::::*	5
Application	X libxxf86dga cpe:2.3:a:x:libxxf86dga:1.1.2:::::::* cpe:2.3:a:x:libxxf86dga:1.1.1:::::::* cpe:2.3:a:x:libxxf86dga:1.1:::::::* cpe:2.3:a:x:libxxf86dga:1.0.99.2:::::::* cpe:2.3:a:x:libxxf86dga:1.0.99.1:::::::* cpe:2.3:a:x:libxxf86dga:1.0.2:::::::* cpe:2.3:a:x:libxxf86dga:1.0.1:::::::*	7
Application	X libxxf86vm cpe:2.3:a:x:libxxf86vm:1.1.1:::::::* cpe:2.3:a:x:libxxf86vm:1.1.0:::::::* cpe:2.3:a:x:libxxf86vm:1.0.99.1:::::::* cpe:2.3:a:x:libxxf86vm:1.0.2:::::::* cpe:2.3:a:x:libxxf86vm:1.0.1:::::::*	5
Application	X X.Org X11 cpe:2.3:a:x:x.org_x11:7.7:::::::* cpe:2.3:a:x:x.org_x11:7.7:rc1:::::: cpe:2.3:a:x:x.org_x11:7.6:::::::* cpe:2.3:a:x:x.org_x11:7.6:rc1:::::: cpe:2.3:a:x:x.org_x11:7.5:::::::* cpe:2.3:a:x:x.org_x11:7.5:rc1:::::: cpe:2.3:a:x:x.org_x11:7.4:::::::* cpe:2.3:a:x:x.org_x11:7.3:::::::* cpe:2.3:a:x:x.org_x11:7.2:::::::* cpe:2.3:a:x:x.org_x11:7.1:::::::* cpe:2.3:a:x:x.org_x11:7.0:::::::* cpe:2.3:a:x:x.org_x11:6.9.0:::::::* cpe:2.3:a:x:x.org_x11:6.8.2:::::::* cpe:2.3:a:x:x.org_x11:6.8.1:::::::* cpe:2.3:a:x:x.org_x11:6.8:::::::* cpe:2.3:a:x:x.org_x11:6.7:::::::* cpe:2.3:a:x:x.org_x11:6.6:::::::* cpe:2.3:a:x:x.org_x11:6.5.1:::::::* cpe:2.3:a:x:x.org_x11:6.4:::::::* cpe:2.3:a:x:x.org_x11:6.3:::::::* cpe:2.3:a:x:x.org_x11:6.1:::::::* cpe:2.3:a:x:x.org_x11:6.0:::::::*	22
Application	X X.Org-Xserver cpe:2.3:a:x:x.org-xserver:1.7.7:rc2:::::: cpe:2.3:a:x:x.org-xserver:1.7.6.902:::::::* cpe:2.3:a:x:x.org-xserver:1.7:::::::* cpe:2.3:a:x:x.org-xserver:1.4.0:::::::*	4
Application	X.Org Libxi cpe:2.3:a:x.org:libxi:1.7:::::::* cpe:2.3:a:x.org:libxi:1.6.99.1:::::::* cpe:2.3:a:x.org:libxi:1.6.2:::::::* cpe:2.3:a:x.org:libxi:1.6.1:::::::* cpe:2.3:a:x.org:libxi:1.6.0:::::::* cpe:2.3:a:x.org:libxi:1.5.99.3:::::::* cpe:2.3:a:x.org:libxi:1.5.99.2:::::::* cpe:2.3:a:x.org:libxi:1.5.0:::::::*	8
Application	X.Org Libxv cpe:2.3:a:x.org:libxv:1.0.7:::::::* cpe:2.3:a:x.org:libxv:1.0.6:::::::* cpe:2.3:a:x.org:libxv:1.0.5:::::::* cpe:2.3:a:x.org:libxv:1.0.4:::::::* cpe:2.3:a:x.org:libxv:1.0.3:::::::* cpe:2.3:a:x.org:libxv:1.0.2:::::::*	6
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::* cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts::: cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:::::* cpe:2.3:o:canonical:ubuntu_linux:11.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:11.04:::::::* cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts::: cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:::::*	8
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:7.0:::::::* cpe:2.3:o:debian:debian_linux:6.0:::::::*	2
Os	Fedoraproject Fedora cpe:2.3:o:fedoraproject:fedora:19:::::::*	1
Os	Opensuse cpe:2.3:o:opensuse:opensuse:12.3:::::::* cpe:2.3:o:opensuse:opensuse:12.2:::::::*	2

Information Assurance Vulnerability Management (IAVM)

Date	Description
2013-06-06	IAVM : 2013-B-0061 - Multiple Vulnerabilities in Red Hat Enterprise Linux Version 6 Products Severity : Category I - VMSKEY : V0038873

Nessus® Vulnerability Scanner

Date	Description
2017-10-19	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2017-291-01.nasl - Type : ACT_GATHER_INFO
2017-05-02	Name : An application installed on the remote host is affected by multiple vulnerabi... File : oracle_secure_global_desktop_apr_2017_cpu.nasl - Type : ACT_GATHER_INFO
2017-03-10	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-0644-1.nasl - Type : ACT_GATHER_INFO
2016-07-25	Name : An application installed on the remote host is affected by multiple vulnerabi... File : oracle_secure_global_desktop_jul_2016_cpu.nasl - Type : ACT_GATHER_INFO
2015-10-01	Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_43690.nasl - Type : ACT_GATHER_INFO
2015-09-24	Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_44149.nasl - Type : ACT_GATHER_INFO
2015-09-24	Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_44188.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-0857-1.nasl - Type : ACT_GATHER_INFO
2015-03-27	Name : The remote Fedora host is missing a security update. File : fedora_2015-3948.nasl - Type : ACT_GATHER_INFO
2015-03-27	Name : The remote Fedora host is missing a security update. File : fedora_2015-3964.nasl - Type : ACT_GATHER_INFO
2015-03-23	Name : The remote Fedora host is missing a security update. File : fedora_2015-3953.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_xorg_20130924.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_xorg_20141014.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_xorg_20141107.nasl - Type : ACT_GATHER_INFO
2014-11-26	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-452.nasl - Type : ACT_GATHER_INFO
2014-11-12	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1620.nasl - Type : ACT_GATHER_INFO
2014-11-12	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1436.nasl - Type : ACT_GATHER_INFO
2014-11-04	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141014_X11_client_libraries_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1436.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-403.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-405.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-406.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-366.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-411.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-486.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-487.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-488.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-489.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-490.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-491.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-501.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-502.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-503.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-504.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-505.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-506.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-507.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-508.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-509.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-510.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-511.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-514.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-516.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-807.nasl - Type : ACT_GATHER_INFO
2014-05-16	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201405-07.nasl - Type : ACT_GATHER_INFO
2014-02-05	Name : The remote AIX host is missing a security patch. File : aix_IV52978.nasl - Type : ACT_GATHER_INFO
2014-02-05	Name : The remote AIX host is missing a security patch. File : aix_IV53246.nasl - Type : ACT_GATHER_INFO
2014-01-22	Name : The remote AIX host is missing a security patch. File : aix_IV52181.nasl - Type : ACT_GATHER_INFO
2014-01-22	Name : The remote AIX host is missing a security patch. File : aix_IV52184.nasl - Type : ACT_GATHER_INFO
2014-01-22	Name : The remote AIX host is missing a security patch. File : aix_IV52185.nasl - Type : ACT_GATHER_INFO
2014-01-22	Name : The remote AIX host is missing a security patch. File : aix_IV52186.nasl - Type : ACT_GATHER_INFO
2014-01-22	Name : The remote AIX host is missing a security patch. File : aix_IV53331.nasl - Type : ACT_GATHER_INFO
2013-12-14	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-260.nasl - Type : ACT_GATHER_INFO
2013-12-10	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131121_xorg_x11_server_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-11-29	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1620.nasl - Type : ACT_GATHER_INFO
2013-11-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1620.nasl - Type : ACT_GATHER_INFO
2013-11-19	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-Xvnc-131022.nasl - Type : ACT_GATHER_INFO
2013-11-14	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-234.nasl - Type : ACT_GATHER_INFO
2013-10-29	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-259.nasl - Type : ACT_GATHER_INFO
2013-10-25	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_9a57c6073cab11e3b4d9bcaec565249c.nasl - Type : ACT_GATHER_INFO
2013-10-23	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2784.nasl - Type : ACT_GATHER_INFO
2013-10-18	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1990-1.nasl - Type : ACT_GATHER_INFO
2013-10-17	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1426.nasl - Type : ACT_GATHER_INFO
2013-10-17	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131015_xorg_x11_server_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-10-16	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1426.nasl - Type : ACT_GATHER_INFO
2013-10-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1426.nasl - Type : ACT_GATHER_INFO
2013-10-15	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2013-287-05.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-198.nasl - Type : ACT_GATHER_INFO
2013-07-30	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-devel-130625.nasl - Type : ACT_GATHER_INFO
2013-07-30	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libXext-130612.nasl - Type : ACT_GATHER_INFO
2013-07-30	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libXfixes-130612.nasl - Type : ACT_GATHER_INFO
2013-07-30	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libXrender-130612.nasl - Type : ACT_GATHER_INFO
2013-07-30	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libXt-130612.nasl - Type : ACT_GATHER_INFO
2013-07-30	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libXv-130612.nasl - Type : ACT_GATHER_INFO
2013-07-19	Name : The remote Fedora host is missing a security update. File : fedora_2013-12593.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Fedora host is missing a security update. File : fedora_2013-10063.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Fedora host is missing a security update. File : fedora_2013-11734.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Fedora host is missing a security update. File : fedora_2013-12083.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Fedora host is missing a security update. File : fedora_2013-5967.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Fedora host is missing a security update. File : fedora_2013-9146.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Fedora host is missing a security update. File : fedora_2013-9147.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Fedora host is missing a security update. File : fedora_2013-9156.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Fedora host is missing a security update. File : fedora_2013-9177.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Fedora host is missing a security update. File : fedora_2013-9188.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Fedora host is missing a security update. File : fedora_2013-9976.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0897.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0898.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_Mesa-130531.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-devel-130612.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libX11-130612.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libXext-130531.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libXfixes-130531.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libXp-130612.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libXrender-130603.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libXt-130604.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libXv-130604.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libxcb-130524.nasl - Type : ACT_GATHER_INFO
2013-06-28	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-182.nasl - Type : ACT_GATHER_INFO
2013-06-21	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1888-1.nasl - Type : ACT_GATHER_INFO
2013-06-11	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1871-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1852-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1853-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1854-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1855-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1856-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1857-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1858-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1859-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1860-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1861-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1862-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1863-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1864-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1865-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1866-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1867-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1868-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1869-1.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1870-1.nasl - Type : ACT_GATHER_INFO
2013-06-05	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2eebebffcd3b11e28f09001b38c3836c.nasl - Type : ACT_GATHER_INFO
2013-06-05	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-Xvnc-130524.nasl - Type : ACT_GATHER_INFO
2013-06-05	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xorg-x11-server-8561.nasl - Type : ACT_GATHER_INFO
2013-06-04	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0897.nasl - Type : ACT_GATHER_INFO
2013-06-04	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0898.nasl - Type : ACT_GATHER_INFO
2013-06-04	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130603_mesa_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-06-04	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130603_mesa_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-06-03	Name : The remote Fedora host is missing a security update. File : fedora_2013-9107.nasl - Type : ACT_GATHER_INFO
2013-06-03	Name : The remote Fedora host is missing a security update. File : fedora_2013-9108.nasl - Type : ACT_GATHER_INFO
2013-06-03	Name : The remote Fedora host is missing a security update. File : fedora_2013-9117.nasl - Type : ACT_GATHER_INFO
2013-06-03	Name : The remote Fedora host is missing a security update. File : fedora_2013-9120.nasl - Type : ACT_GATHER_INFO
2013-06-03	Name : The remote Fedora host is missing a security update. File : fedora_2013-9135.nasl - Type : ACT_GATHER_INFO
2013-06-03	Name : The remote Fedora host is missing a security update. File : fedora_2013-9137.nasl - Type : ACT_GATHER_INFO
2013-06-03	Name : The remote Fedora host is missing a security update. File : fedora_2013-9140.nasl - Type : ACT_GATHER_INFO
2013-06-03	Name : The remote Fedora host is missing a security update. File : fedora_2013-9141.nasl - Type : ACT_GATHER_INFO
2013-06-03	Name : The remote Fedora host is missing a security update. File : fedora_2013-9162.nasl - Type : ACT_GATHER_INFO
2013-06-03	Name : The remote Fedora host is missing a security update. File : fedora_2013-9166.nasl - Type : ACT_GATHER_INFO
2013-06-03	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0897.nasl - Type : ACT_GATHER_INFO
2013-06-03	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0898.nasl - Type : ACT_GATHER_INFO
2013-06-02	Name : The remote Fedora host is missing a security update. File : fedora_2013-8991.nasl - Type : ACT_GATHER_INFO
2013-06-02	Name : The remote Fedora host is missing a security update. File : fedora_2013-9114.nasl - Type : ACT_GATHER_INFO
2013-06-02	Name : The remote Fedora host is missing a security update. File : fedora_2013-9138.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2693.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9046.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9052.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9053.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9056.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9060.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9065.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9066.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9070.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9079.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9085.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9088.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9096.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9098.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9099.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9151.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2673.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2674.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2675.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2676.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2677.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2678.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2679.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2680.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2681.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2682.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2683.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2684.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2685.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2686.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2687.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2688.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2689.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2690.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2691.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2692.nasl - Type : ACT_GATHER_INFO
2013-04-30	Name : The remote Fedora host is missing a security update. File : fedora_2013-5883.nasl - Type : ACT_GATHER_INFO
2013-04-22	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2013-109-01.nasl - Type : ACT_GATHER_INFO
2013-04-22	Name : The remote Fedora host is missing a security update. File : fedora_2013-5928.nasl - Type : ACT_GATHER_INFO
2013-04-18	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2661.nasl - Type : ACT_GATHER_INFO
2013-04-18	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1803-1.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-05-17 13:23:45	Multiple Updates
2014-05-15 17:21:15	First insertion

Global Informations

Type	Count
CWE ID(s)	31
Oval ID(s)	93
CPE ID(s)	173
IAVM(s)	1
Nessus® Exploit(s)	182

	Related
6.8	CVE-2013-2066
6.8	CVE-2013-2064
6.8	CVE-2013-2063
6.8	CVE-2013-2062
6.8	CVE-2013-2005
6.8	CVE-2013-2004
6.8	CVE-2013-2003
6.8	CVE-2013-2002
6.8	CVE-2013-2001
6.8	CVE-2013-2000
6.8	CVE-2013-1999
6.8	CVE-2013-1998
6.8	CVE-2013-1997
6.8	CVE-2013-1996
6.8	CVE-2013-1995
6.8	CVE-2013-1994
6.8	CVE-2013-1993
6.8	CVE-2013-1992
6.8	CVE-2013-1991
6.8	CVE-2013-1990
6.8	CVE-2013-1989
6.8	CVE-2013-1988
6.8	CVE-2013-1987
6.8	CVE-2013-1986
6.8	CVE-2013-1985
6.8	CVE-2013-1984
6.8	CVE-2013-1983
6.8	CVE-2013-1982
6.8	CVE-2013-1981
6.5	CVE-2013-4396
2.1	CVE-2013-1940
1.9	CVE-2013-1056
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 32 more Alert(s)