Executive Summary



This alert is flagged as a CWE/SANS Top 25 Common Weakness Enumeration entry.
Summary
Title: Multiple packages, Multiple vulnerabilities fixed in 2011

Information
Name: GLSA-201412-09
Vendor: Gentoo
First vendor Publication: 2014-12-11
Last vendor Modification: 2014-12-11
Severity (Vendor): High
Revision: N/A

Security-Database Scoring CVSS v3

Cvss vector: N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact SubScore: NA
Temporal Score: NA
Exploitability Sub Score: NA

Security-Database Scoring CVSS v2

Cvss vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score: 10
Cvss Impact Score: 10
Cvss Exploit Score: 10
Attack Range: Network
Attack Complexity: Low
Authentication: None Required

Detail

Synopsis

This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2012. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information.

Background

For more information on the packages listed in this GLSA, please see their homepage referenced in the ebuild.

Description

Vulnerabilities have been discovered in the packages listed below.
Please review the CVE identifiers in the Reference section for details.

* FMOD Studio
* PEAR Mail
* LVM2
* GnuCash
* xine-lib
* Last.fm Scrobbler
* WebKitGTK+
* shadow tool suite
* PEAR
* unixODBC
* Resource Agents
* mrouted
* rsync
* XML Security Library
* xrdb
* Vino
* OProfile
* syslog-ng
* sFlow Toolkit
* GNOME Display Manager
* libsoup
* CA Certificates
* Gitolite
* QtCreator
* Racer

Impact

A context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions.

Workaround

There are no known workarounds at this time.

Resolution

All FMOD Studio users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/fmod-4.38.00"

All PEAR Mail users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-php/PEAR-Mail-1.2.0"

All LVM2 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-fs/lvm2-2.02.72"

All GnuCash users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-office/gnucash-2.4.4"

All xine-lib users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/xine-lib-1.1.19"

All Last.fm Scrobbler users should upgrade to the latest version:
# emerge --sync
# emerge -a --oneshot -v ">=media-sound/lastfmplayer-1.5.4.26862-r3"

All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-1.2.7"

All shadow tool suite users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-apps/shadow-4.1.4.3"

All PEAR users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-php/PEAR-PEAR-1.9.2-r1"

All unixODBC users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/unixODBC-2.3.0-r1"

All Resource Agents users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=sys-cluster/resource-agents-1.0.4-r1"

All mrouted users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/mrouted-3.9.5"

All rsync users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/rsync-3.0.8"

All XML Security Library users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/xmlsec-1.2.17"

All xrdb users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-apps/xrdb-1.0.9"

All Vino users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/vino-2.32.2"

All OProfile users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-util/oprofile-0.9.6-r1"

All syslog-ng users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/syslog-ng-3.2.4"

All sFlow Toolkit users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/sflowtool-3.20"

All GNOME Display Manager users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=gnome-base/gdm-3.8.4-r3"

All libsoup users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/libsoup-2.34.3"

All CA Certificates users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=app-misc/ca-certificates-20110502-r1"

All Gitolite users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-vcs/gitolite-1.5.9.1"

All QtCreator users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-util/qt-creator-2.1.0"

Gentoo has discontinued support for Racer. We recommend that users unmerge Racer:
# emerge --unmerge "games-sports/racer-bin"

NOTE: This is a legacy GLSA. Updates for all affected architectures have been available since 2012. It is likely that your system is already no longer affected by these issues.

References

[ 1 ] CVE-2007-4370 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4370
[ 2 ] CVE-2009-4023 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4023
[ 3 ] CVE-2009-4111 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4111
[ 4 ] CVE-2010-0778 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0778
[ 5 ] CVE-2010-1780 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1780
[ 6 ] CVE-2010-1782 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1782
[ 7 ] CVE-2010-1783 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1783
[ 8 ] CVE-2010-1784 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1784
[ 9 ] CVE-2010-1785 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1785
[ 10 ] CVE-2010-1786 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1786
[ 11 ] CVE-2010-1787 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1787
[ 12 ] CVE-2010-1788 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1788
[ 13 ] CVE-2010-1790 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1790
[ 14 ] CVE-2010-1791 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1791
[ 15 ] CVE-2010-1792 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1792
[ 16 ] CVE-2010-1793 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1793
[ 17 ] CVE-2010-1807 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1807
[ 18 ] CVE-2010-1812 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1812
[ 19 ] CVE-2010-1814 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1814
[ 20 ] CVE-2010-1815 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1815
[ 21 ] CVE-2010-2526 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2526
[ 22 ] CVE-2010-2901 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2901
[ 23 ] CVE-2010-3255 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3255
[ 24 ] CVE-2010-3257 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3257
[ 25 ] CVE-2010-3259 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3259
[ 26 ] CVE-2010-3362 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3362
[ 27 ] CVE-2010-3374 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3374
[ 28 ] CVE-2010-3389 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3389
[ 29 ] CVE-2010-3812 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3812
[ 30 ] CVE-2010-3813 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3813
[ 31 ] CVE-2010-3999 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3999
[ 32 ] CVE-2010-4042 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4042
[ 33 ] CVE-2010-4197 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4197
[ 34 ] CVE-2010-4198 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4198
[ 35 ] CVE-2010-4204 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4204
[ 36 ] CVE-2010-4206 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4206
[ 37 ] CVE-2010-4492 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4492
[ 38 ] CVE-2010-4493 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4493
[ 39 ] CVE-2010-4577 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4577
[ 40 ] CVE-2010-4578 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4578
[ 41 ] CVE-2011-0007 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0007
[ 42 ] CVE-2011-0465 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0465
[ 43 ] CVE-2011-0482 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0482
[ 44 ] CVE-2011-0721 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0721
[ 45 ] CVE-2011-0727 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0727
[ 46 ] CVE-2011-0904 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0904
[ 47 ] CVE-2011-0905 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0905
[ 48 ] CVE-2011-1072 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1072
[ 49 ] CVE-2011-1097 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1097
[ 50 ] CVE-2011-1144 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1144
[ 51 ] CVE-2011-1425 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1425
[ 52 ] CVE-2011-1572 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1572
[ 53 ] CVE-2011-1760 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1760
[ 54 ] CVE-2011-1951 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1951
[ 55 ] CVE-2011-2471 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2471
[ 56 ] CVE-2011-2472 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2472
[ 57 ] CVE-2011-2473 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2473
[ 58 ] CVE-2011-2524 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2524
[ 59 ] CVE-2011-3365 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3365
[ 60 ] CVE-2011-3366 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3366
[ 61 ] CVE-2011-3367 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3367

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201412-09.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201412-09.xml

CWE : Common Weakness Enumeration

% Id Name
25 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
15 % CWE-20 Improper Input Validation
11 % CWE-399 Resource Management Errors
9 % CWE-59 Improper Link Resolution Before File Access ('Link Following')
8 % CWE-416 Use After Free
6 % CWE-264 Permissions, Privileges, and Access Controls
6 % CWE-94 Failure to Control Generation of Code ('Code Injection')
6 % CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)
4 % CWE-189 Numeric Errors (CWE/SANS Top 25)
2 % CWE-787 Out-of-bounds Write (CWE/SANS Top 25)
2 % CWE-704 Incorrect Type Conversion or Cast
2 % CWE-287 Improper Authentication
2 % CWE-200 Information Exposure
2 % CWE-125 Out-of-bounds Read
2 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

OVAL Definitions

 
Oval ID: oval:org.mitre.oval:def:10964
Title: use-after-free vulnerability in WebKit in Apple Safari before 5.0.1
Description: Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to element focus.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1780
Version: 13
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:11221
Title: Google Chrome Image Read Access Restriction Same Origin Policy Bypass Remote Information Disclosure
Description: WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive image data via a crafted web site.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3259
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:11475
Title: Use-after-free vulnerability in Google Chrome before 8.0.552.215 via vectors involving SVG animations
Description: Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animations.
Family: windows Class: vulnerability
Reference(s): CVE-2010-4492
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:11689
Title: Integer overflow vulnerability in WebKit in Apple Safari before 5.0.3 versions
Description: Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Text objects.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3812
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:11736
Title: Google Chrome Counter Node Handling Unspecified Memory Corruption
Description: Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 do not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3255
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:11766
Title: The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1
Description: The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1784
Version: 13
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:11777
Title: WebKit in Apple Safari before 5.0.1 related to reentrancy issue.
Description: WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle just-in-time (JIT) compiled JavaScript stubs, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to a "reentrancy issue."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1790
Version: 13
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:11802
Title: Integer signedness error in WebKit in Apple Safari before 5.0.1 related to vectors involving a JavaScript array index.
Description: Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1791
Version: 11
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:11820
Title: WebKit in Apple Safari before 5.0.1 Denial of Service vulnerability
Description: WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1783
Version: 13
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:11837
Title: Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 related to foreignObject element in an SVG document.
Description: Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a foreignObject element in an SVG document.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1786
Version: 13
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:11877
Title: WebKit in Apple Safari before 5.0.1 related to a floating element in an SVG document.
Description: WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a floating element in an SVG document.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1787
Version: 13
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:11898
Title: WebKit in Apple Safari before 5.0.1 related to crafted regular expression.
Description: WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1792
Version: 13
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:11923
Title: Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 related to font-face or use element in an SVG document.
Description: Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a (1) font-face or (2) use element in an SVG document.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1793
Version: 13
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:11935
Title: WebKit in Apple Safari before 5.0.1 denial of service vulnerability related to the rendering of an inline element
Description: WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to the rendering of an inline element.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1782
Version: 13
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:11941
Title: WebKit in Apple Safari before 5.0.1 memory accesses vulnerability
Description: WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; accesses uninitialized memory during processing of the (1) :first-letter and (2) :first-line pseudo-elements in an SVG text element, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1785
Version: 13
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:11949
Title: Denial of Service vulnerability in Google Chrome before 7.0.517.44 via unknown vectors
Description: Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SVG document, related to effects in the application of filters.
Family: windows Class: vulnerability
Reference(s): CVE-2010-4206
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:11962
Title: WebKit in Apple Safari before 5.0.1 related to a use element in an SVG document.
Description: WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a use element in an SVG document.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1788
Version: 13
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:11964
Title: Webkit Floating Point Datatype Remote Code Execution Vulnerability
Description: WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1807
Version: 8
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:11997
Title: Vulnerability in rendering implementation in Google Chrome before 5.0.375.125
Description: The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2901
Version: 13
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:12129
Title: Use-after-free vulnerability in Google Chrome before 8.0.552.215
Description: Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service via vectors related to the handling of mouse dragging events.
Family: windows Class: vulnerability
Reference(s): CVE-2010-4493
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:12138
Title: Google Chrome Focus Handling Stale Pointer Remote DoS
Description: Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3257
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:12157
Title: Vulnerability in Google Chrome before 7.0.517.44 via a crafted HTML document
Description: WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, does not properly handle large text areas, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted HTML document.
Family: windows Class: vulnerability
Reference(s): CVE-2010-4198
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:12174
Title: Denial of Service vulnerability in Google Chrome before 7.0.517.44 via unknown vectors
Description: WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object after this object has been destroyed, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2010-4204
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:12266
Title: Use-after-free vulnerability in Google Chrome before 7.0.517.44 via vectors involving text editing
Description: Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing.
Family: windows Class: vulnerability
Reference(s): CVE-2010-4197
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:12293
Title: Vulnerability in WebKit in Apple Safari before 5.0.3 versions
Description: The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS prefetching is enabled when processing an HTML LINK element, which allows remote attackers to bypass intended access restrictions, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3813
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Apple Safari
 
Oval ID: oval:org.mitre.oval:def:12539
Title: DSA-2095-1 lvm2 -- insecure communication protocol
Description: Alasdair Kergon discovered that the cluster logical volume manager daemon in lvm2, The Linux Logical Volume Manager, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service. For the stable distribution, this problem has been fixed in version 2.02.39-8. For the testing distribution, and the unstable distribution, this problem has been fixed in version 2.02.66-3. We recommend that you upgrade your lvm2 package.
Family: unix Class: patch
Reference(s): DSA-2095-1
CVE-2010-2526
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): lvm2
 
Oval ID: oval:org.mitre.oval:def:12752
Title: DSA-2219-1 xmlsec1 -- arbitrary file overwrite
Description: Nicolas Gregoire discovered that the XML Security Library xmlsec allowed remote attackers to create or overwrite arbitrary files through specially crafted XML files using the libxslt output extension and a ds:Transform element during signature verification.
Family: unix Class: patch
Reference(s): DSA-2219-1
CVE-2011-1425
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): xmlsec1
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12826
 
Oval ID: oval:org.mitre.oval:def:12826
Title: DSA-2205-1 gdm3 -- privilege escalation
Description: Sebastian Krahmer discovered that gdm3, the GNOME Desktop Manager, does not properly drop privileges when manipulating files related to the logged-in user. As a result, local users can gain root privileges. The oldstable distribution does not contain a gdm3 package. The gdm package is not affected by this issue.
Family: unix Class: patch
Reference(s): DSA-2205-1
CVE-2011-0727
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): gdm3
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12839
 
Oval ID: oval:org.mitre.oval:def:12839
Title: DSA-2254-2 oprofile -- command injection
Description: Jamie Strandboge noticed that the patch proposed to fix CVE-2011-1760 in OProfile was incomplete. For reference, the description of the original DSA is: OProfile is a performance profiling tool which is configurable by opcontrol, its control utility. Stephane Chauveau reported several ways to inject arbitrary commands in the arguments of this utility. If a local unprivileged user is authorised by sudoers file to run opcontrol as root, this user could use the flaw to escalate his privileges.
Family: unix Class: patch
Reference(s): DSA-2254-2
CVE-2011-1760
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): oprofile
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12855
 
Oval ID: oval:org.mitre.oval:def:12855
Title: DSA-2164-1 shadow -- insufficient input sanitisation
Description: Kees Cook discovered that the chfn and chsh utilities do not properly sanitise user input that includes newlines. An attacker could use this to corrupt passwd entries and may create users or groups in NIS environments. Packages in the oldstable distribution are not affected by this problem.
Family: unix Class: patch
Reference(s): DSA-2164-1
CVE-2011-0721
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): shadow
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12908
 
Oval ID: oval:org.mitre.oval:def:12908
Title: DSA-2147-1 pimd -- insecure temporary files
Description: Vincent Bernat discovered that pimd, a multicast routing daemon, creates files with predictable names upon the receipt of particular signals.
Family: unix Class: patch
Reference(s): DSA-2147-1
CVE-2011-0007
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): pimd
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12949
 
Oval ID: oval:org.mitre.oval:def:12949
Title: DSA-2213-1 x11-xserver-utils -- missing input sanitisation
Description: Sebastian Krahmer discovered that the xrdb utility of x11-xserver-utils, an X server resource database utility, is not properly filtering crafted hostnames. This allows a remote attacker to execute arbitrary code with root privileges given that either remote logins via xdmcp are allowed or the attacker is able to place a rogue DHCP server into the victim's network. For the oldstable distribution, this problem has been fixed in version 7.3+6.
Family: unix Class: patch
Reference(s): DSA-2213-1
CVE-2011-0465
Version: 7
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): x11-xserver-utils
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12993
 
Oval ID: oval:org.mitre.oval:def:12993
Title: DSA-2238-1 vino -- several
Description: Kevin Chen discovered that incorrect processing of framebuffer requests in the Vino VNC server could lead to denial of service.
Family: unix Class: patch
Reference(s): DSA-2238-1
CVE-2011-0904
CVE-2011-0905
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): vino
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13066
 
Oval ID: oval:org.mitre.oval:def:13066
Title: DSA-2254-1 oprofile -- command injection
Description: OProfile is a performance profiling tool which is configurable by opcontrol, its control utility. Stephane Chauveau reported several ways to inject arbitrary commands in the arguments of this utility. If a local unprivileged user is authorised by sudoers file to run opcontrol as root, this user could use the flaw to escalate his privileges.
Family: unix Class: patch
Reference(s): DSA-2254-1
CVE-2011-1760
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): oprofile
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13165
 
Oval ID: oval:org.mitre.oval:def:13165
Title: USN-1065-1 -- shadow vulnerability
Description: Kees Cook discovered that some shadow utilities did not correctly validate user input. A local attacker could exploit this flaw to inject newlines into the /etc/passwd file. If the system was configured to use NIS, this could lead to existing NIS groups or users gaining or losing access to the system, resulting in a denial of service or unauthorized access.
Family: unix Class: patch
Reference(s): USN-1065-1
CVE-2011-0721
Version: 5
Platform(s): Ubuntu 10.10
Ubuntu 9.10
Ubuntu 10.04
Product(s): shadow
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13264
 
Oval ID: oval:org.mitre.oval:def:13264
Title: USN-1001-1 -- lvm2 vulnerability
Description: The cluster logical volume manager daemon in LVM2 did not correctly validate credentials. A local user could use this flaw to manipulate logical volumes without root privileges and cause a denial of service in the cluster.
Family: unix Class: patch
Reference(s): USN-1001-1
CVE-2010-2526
Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 10.04
Ubuntu 9.10
Ubuntu 6.06
Ubuntu 9.04
Product(s): lvm2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13531
 
Oval ID: oval:org.mitre.oval:def:13531
Title: USN-1107-1 -- x11-xserver-utils vulnerability
Description: Sebastian Krahmer discovered that the xrdb utility incorrectly filtered crafted hostnames. An attacker could use this flaw with a malicious DHCP server or with a remote xdmcp login and execute arbitrary code, resulting in root privilege escalation.
Family: unix Class: patch
Reference(s): USN-1107-1
CVE-2011-0465
Version: 7
Platform(s): Ubuntu 8.04
Ubuntu 10.10
Ubuntu 9.10
Ubuntu 10.04
Product(s): x11-xserver-utils
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13756
 
Oval ID: oval:org.mitre.oval:def:13756
Title: USN-1181-1 -- libsoup2.4 vulnerability
Description: libsoup2.4: HTTP client/server library for GNOME. An attacker could send crafted URLs to a SoupServer application and obtain unintended access to files.
Family: unix Class: patch
Reference(s): USN-1181-1
CVE-2011-2524
Version: 5
Platform(s): Ubuntu 11.04
Ubuntu 10.04
Ubuntu 10.10
Product(s): libsoup2.4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13786
 
Oval ID: oval:org.mitre.oval:def:13786
Title: USN-1099-1 -- gdm vulnerability
Description: Sebastian Krahmer discovered that GDM did not properly drop privileges when handling the cache directories used to store users' dmrc and face icon files. This could allow a local attacker to change the ownership of arbitrary files, thereby gaining root privileges.
Family: unix Class: patch
Reference(s): USN-1099-1
CVE-2011-0727
Version: 5
Platform(s): Ubuntu 10.10
Ubuntu 9.10
Ubuntu 10.04
Product(s): gdm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13865
 
Oval ID: oval:org.mitre.oval:def:13865
Title: USN-1128-1 -- vino vulnerabilities
Description: vino: VNC server for GNOME. An attacker could send crafted input to Vino and cause it to crash.
Family: unix Class: patch
Reference(s): USN-1128-1
CVE-2011-0904
CVE-2011-0905
Version: 5
Platform(s): Ubuntu 10.10
Ubuntu 8.04
Ubuntu 10.04
Product(s): vino
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13953
 
Oval ID: oval:org.mitre.oval:def:13953
Title: The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion."
Description: The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion."
Family: windows Class: vulnerability
Reference(s): CVE-2010-4577
Version: 15
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Google Chrome
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14049
 
Oval ID: oval:org.mitre.oval:def:14049
Title: USN-1124-1 -- rsync vulnerability
Description: rsync: fast remote file copy program. rsync could be made to crash or run programs as your login if it connected to a malicious server.
Family: unix Class: patch
Reference(s): USN-1124-1
CVE-2011-1097
Version: 5
Platform(s): Ubuntu 10.10
Ubuntu 9.10
Ubuntu 10.04
Product(s): rsync
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14110
 
Oval ID: oval:org.mitre.oval:def:14110
Title: USN-1166-1 -- oprofile vulnerabilities
Description: oprofile: System-wide profiler for Linux systems. OProfile could be made to run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-1166-1
CVE-2011-1760
CVE-2011-2471
CVE-2011-2472
Version: 5
Platform(s): Ubuntu 10.04
Product(s): oprofile
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14323
 
Oval ID: oval:org.mitre.oval:def:14323
Title: Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."
Description: Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."
Family: windows Class: vulnerability
Reference(s): CVE-2010-4578
Version: 15
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Google Chrome
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14662
 
Oval ID: oval:org.mitre.oval:def:14662
Title: Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document.
Description: Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0482
Version: 15
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Google Chrome
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14946
 
Oval ID: oval:org.mitre.oval:def:14946
Title: DSA-2369-1 libsoup2.4 -- insufficient input sanitisation
Description: It was discovered that libsoup2.4, an HTTP library implementation in C, is not properly validating input when processing requests made to SoupServer. A remote attacker can exploit this flaw to access system files via a directory traversal attack.
Family: unix Class: patch
Reference(s): DSA-2369-1
CVE-2011-2524
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): libsoup2.4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17794
 
Oval ID: oval:org.mitre.oval:def:17794
Title: USN-1248-1 -- kde4libs vulnerability
Description: KDE-Libs could improperly display fraudulent security certificates.
Family: unix Class: patch
Reference(s): USN-1248-1
CVE-2011-3365
Version: 5
Platform(s): Ubuntu 11.04
Ubuntu 10.10
Ubuntu 10.04
Product(s): kde4libs
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21165
 
Oval ID: oval:org.mitre.oval:def:21165
Title: RHSA-2011:0433: xorg-x11-server-utils security update (Moderate)
Description: xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
Family: unix Class: patch
Reference(s): RHSA-2011:0433-01
CVE-2011-0465
CESA-2011:0433-CentOS 5
Version: 6
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): xorg-x11-server-utils
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21433
 
Oval ID: oval:org.mitre.oval:def:21433
Title: RHSA-2011:0177: webkitgtk security update (Moderate)
Description: The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion."
Family: unix Class: patch
Reference(s): RHSA-2011:0177-01
CVE-2010-1780
CVE-2010-1782
CVE-2010-1783
CVE-2010-1784
CVE-2010-1785
CVE-2010-1786
CVE-2010-1787
CVE-2010-1788
CVE-2010-1790
CVE-2010-1792
CVE-2010-1793
CVE-2010-1807
CVE-2010-1812
CVE-2010-1814
CVE-2010-1815
CVE-2010-3113
CVE-2010-3114
CVE-2010-3115
CVE-2010-3116
CVE-2010-3119
CVE-2010-3255
CVE-2010-3257
CVE-2010-3259
CVE-2010-3812
CVE-2010-3813
CVE-2010-4197
CVE-2010-4198
CVE-2010-4204
CVE-2010-4206
CVE-2010-4577
Version: 393
Platform(s): Red Hat Enterprise Linux 6
Product(s): webkitgtk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21529
 
Oval ID: oval:org.mitre.oval:def:21529
Title: RHSA-2011:0486: xmlsec1 security and bug fix update (Moderate)
Description: xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification.
Family: unix Class: patch
Reference(s): RHSA-2011:0486-01
CESA-2011:0486
CVE-2011-1425
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): xmlsec1
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21732
 
Oval ID: oval:org.mitre.oval:def:21732
Title: RHSA-2011:1000: rgmanager security, bug fix, and enhancement update (Low)
Description: The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or cluster-agents) 1.0.3 in Linux-HA place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Family: unix Class: patch
Reference(s): RHSA-2011:1000-01
CESA-2011:1000
CVE-2010-3389
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): rgmanager
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21776
 
Oval ID: oval:org.mitre.oval:def:21776
Title: RHSA-2011:1385: kdelibs and kdelibs3 security update (Moderate)
Description: The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.
Family: unix Class: patch
Reference(s): RHSA-2011:1385-01
CESA-2011:1385
CVE-2011-3365
Version: 4
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): kdelibs
kdelibs3
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21910
 
Oval ID: oval:org.mitre.oval:def:21910
Title: RHSA-2011:0390: rsync security update (Moderate)
Description: rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
Family: unix Class: patch
Reference(s): RHSA-2011:0390-01
CVE-2011-1097
Version: 4
Platform(s): Red Hat Enterprise Linux 6
Product(s): rsync
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21930
 
Oval ID: oval:org.mitre.oval:def:21930
Title: RHSA-2011:0395: gdm security update (Moderate)
Description: GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.
Family: unix Class: patch
Reference(s): RHSA-2011:0395-01
CVE-2011-0727
Version: 4
Platform(s): Red Hat Enterprise Linux 6
Product(s): gdm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21933
 
Oval ID: oval:org.mitre.oval:def:21933
Title: RHSA-2011:1102: libsoup security update (Moderate)
Description: Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI.
Family: unix Class: patch
Reference(s): RHSA-2011:1102-01
CVE-2011-2524
Version: 4
Platform(s): Red Hat Enterprise Linux 6
Product(s): libsoup
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22225
 
Oval ID: oval:org.mitre.oval:def:22225
Title: RHSA-2010:0567: lvm2-cluster security update (Moderate)
Description: The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands.
Family: unix Class: patch
Reference(s): RHSA-2010:0567-01
CESA-2010:0567
CVE-2010-2526
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): lvm2-cluster
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22792
 
Oval ID: oval:org.mitre.oval:def:22792
Title: ELSA-2010:0567: lvm2-cluster security update (Moderate)
Description: The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands.
Family: unix Class: patch
Reference(s): ELSA-2010:0567-01
CVE-2010-2526
Version: 6
Platform(s): Oracle Linux 5
Product(s): lvm2-cluster
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23103
 
Oval ID: oval:org.mitre.oval:def:23103
Title: ELSA-2011:0486: xmlsec1 security and bug fix update (Moderate)
Description: xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification.
Family: unix Class: patch
Reference(s): ELSA-2011:0486-01
CVE-2011-1425
Version: 6
Platform(s): Oracle Linux 5
Product(s): xmlsec1
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23200
 
Oval ID: oval:org.mitre.oval:def:23200
Title: ELSA-2011:1000: rgmanager security, bug fix, and enhancement update (Low)
Description: The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or cluster-agents) 1.0.3 in Linux-HA place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Family: unix Class: patch
Reference(s): ELSA-2011:1000-01
CVE-2010-3389
Version: 6
Platform(s): Oracle Linux 5
Product(s): rgmanager
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23285
 
Oval ID: oval:org.mitre.oval:def:23285
Title: ELSA-2011:0177: webkitgtk security update (Moderate)
Description: The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion."
Family: unix Class: patch
Reference(s): ELSA-2011:0177-01
CVE-2010-1780
CVE-2010-1782
CVE-2010-1783
CVE-2010-1784
CVE-2010-1785
CVE-2010-1786
CVE-2010-1787
CVE-2010-1788
CVE-2010-1790
CVE-2010-1792
CVE-2010-1793
CVE-2010-1807
CVE-2010-1812
CVE-2010-1814
CVE-2010-1815
CVE-2010-3113
CVE-2010-3114
CVE-2010-3115
CVE-2010-3116
CVE-2010-3119
CVE-2010-3255
CVE-2010-3257
CVE-2010-3259
CVE-2010-3812
CVE-2010-3813
CVE-2010-4197
CVE-2010-4198
CVE-2010-4204
CVE-2010-4206
CVE-2010-4577
Version: 125
Platform(s): Oracle Linux 6
Product(s): webkitgtk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23311
 
Oval ID: oval:org.mitre.oval:def:23311
Title: DEPRECATED: ELSA-2011:1385: kdelibs and kdelibs3 security update (Moderate)
Description: The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.
Family: unix Class: patch
Reference(s): ELSA-2011:1385-01
CVE-2011-3365
Version: 7
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kdelibs
kdelibs3
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23356
 
Oval ID: oval:org.mitre.oval:def:23356
Title: ELSA-2011:0390: rsync security update (Moderate)
Description: rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
Family: unix Class: patch
Reference(s): ELSA-2011:0390-01
CVE-2011-1097
Version: 6
Platform(s): Oracle Linux 6
Product(s): rsync
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23626
 
Oval ID: oval:org.mitre.oval:def:23626
Title: ELSA-2011:1385: kdelibs and kdelibs3 security update (Moderate)
Description: The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.
Family: unix Class: patch
Reference(s): ELSA-2011:1385-01
CVE-2011-3365
Version: 6
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kdelibs
kdelibs3
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23644
 
Oval ID: oval:org.mitre.oval:def:23644
Title: ELSA-2011:1102: libsoup security update (Moderate)
Description: Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI.
Family: unix Class: patch
Reference(s): ELSA-2011:1102-01
CVE-2011-2524
Version: 6
Platform(s): Oracle Linux 6
Product(s): libsoup
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23685
 
Oval ID: oval:org.mitre.oval:def:23685
Title: ELSA-2011:0395: gdm security update (Moderate)
Description: GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.
Family: unix Class: patch
Reference(s): ELSA-2011:0395-01
CVE-2011-0727
Version: 6
Platform(s): Oracle Linux 6
Product(s): gdm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23703
 
Oval ID: oval:org.mitre.oval:def:23703
Title: ELSA-2011:0433: xorg-x11-server-utils security update (Moderate)
Description: xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
Family: unix Class: patch
Reference(s): ELSA-2011:0433-01
CVE-2011-0465
Version: 6
Platform(s): Oracle Linux 6
Product(s): xorg-x11-server-utils
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26934
 
Oval ID: oval:org.mitre.oval:def:26934
Title: RHSA-2011:1741 -- php-pear security and bug fix update (Low)
Description: The php-pear package contains the PHP Extension and Application Repository (PEAR), a framework and distribution system for reusable PHP components. It was found that the "pear" command created temporary files in an insecure way when installing packages. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrary files accessible to the victim running the "pear install" command. (CVE-2011-1072) This update also fixes the following bugs: * The php-pear package has been upgraded to version 1.9.4, which provides a number of bug fixes over the previous version. (BZ#651897) * Prior to this update, php-pear created a cache in the "/var/cache/php-pear/" directory when attempting to list all packages. As a consequence, php-pear failed to create or update the cache file as a regular user without sufficient file permissions and could not list all packages. With this update, php-pear no longer fails if writing to the cache directory is not permitted. Now, all packages are listed as expected. (BZ#747361) All users of php-pear are advised to upgrade to this updated package, which corrects these issues.
Family: unix Class: patch
Reference(s): RHSA-2011:1741
CVE-2011-1072
Version: 3
Platform(s): Red Hat Enterprise Linux 6
Product(s): php-pear
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27107
 
Oval ID: oval:org.mitre.oval:def:27107
Title: RHSA-2011:1364 -- kdelibs security and enhancement update (Moderate)
Description: The kdelibs packages provide libraries for the K Desktop Environment (KDE). An input sanitization flaw was found in the KSSL (KDE SSL Wrapper) API. An attacker could supply a specially-crafted SSL certificate (for example, via a web page) to an application using KSSL, such as the Konqueror web browser, causing misleading information to be presented to the user, possibly tricking them into accepting the certificate as valid. (CVE-2011-3365) This update also adds the following enhancement: * kdelibs provided its own set of trusted Certificate Authority (CA) certificates. This update makes kdelibs use the system set from the ca-certificates package, instead of its own copy. (BZ#743951) Users should upgrade to these updated packages, which contain backported patches to correct this issue and add this enhancement. The desktop must be restarted (log out, then log back in) for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2011:1364
CVE-2011-3365
Version: 3
Platform(s): Red Hat Enterprise Linux 6
Product(s): kdelibs
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27397
 
Oval ID: oval:org.mitre.oval:def:27397
Title: DEPRECATED: ELSA-2011-0395 -- gdm security update (moderate)
Description: [2.30.4-21.0.2.el6_0.1] - Added oracle-enterprise.patch to show oracle-release contents. [2.30.4-21.1] - Fix CVE-2011-0727
Family: unix Class: patch
Reference(s): ELSA-2011-0395
CVE-2011-0727
Version: 4
Platform(s): Oracle Linux 6
Product(s): gdm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27542
 
Oval ID: oval:org.mitre.oval:def:27542
Title: DEPRECATED: ELSA-2011-1000 -- rgmanager security, bug fix, and enhancement update (low)
Description: [2.0.52-21] - rgmanager: Fix bad passing of SFL_FAILURE up (fix_bad_passing_of_sfl_failure_up.patch) Resolves: rhbz#711521
Family: unix Class: patch
Reference(s): ELSA-2011-1000
CVE-2010-3389
Version: 4
Platform(s): Oracle Linux 5
Product(s): rgmanager
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27685
 
Oval ID: oval:org.mitre.oval:def:27685
Title: DEPRECATED: ELSA-2010-0567 -- lvm2-cluster security update (moderate)
Description: [2.02.56-el5_5.4] - CVE-2010-2526: Fix insecurity when communicating between lvm2 and clvmd. Resolves: #616044
Family: unix Class: patch
Reference(s): ELSA-2010-0567
CVE-2010-2526
Version: 4
Platform(s): Oracle Linux 5
Product(s): lvm2-cluster
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27757
 
Oval ID: oval:org.mitre.oval:def:27757
Title: DEPRECATED: ELSA-2011-0177 -- webkitgtk security update (moderate)
Description: [1.2.6-2] - Added fix for js regression [1.2.6-1] - Update to 1.2.6
Family: unix Class: patch
Reference(s): ELSA-2011-0177
CVE-2010-3255
CVE-2010-3257
CVE-2010-3259
CVE-2010-3812
CVE-2010-3813
CVE-2010-1780
CVE-2010-1782
CVE-2010-1783
CVE-2010-1784
CVE-2010-1785
CVE-2010-1786
CVE-2010-1787
CVE-2010-1788
CVE-2010-1790
CVE-2010-1792
CVE-2010-1793
CVE-2010-1807
CVE-2010-1812
CVE-2010-1814
CVE-2010-1815
CVE-2010-3113
CVE-2010-3114
CVE-2010-3115
CVE-2010-3116
CVE-2010-3119
CVE-2010-4197
CVE-2010-4198
CVE-2010-4204
CVE-2010-4206
CVE-2010-4577
Version: 4
Platform(s): Oracle Linux 6
Product(s): webkitgtk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27880
 
Oval ID: oval:org.mitre.oval:def:27880
Title: ELSA-2011-1741 -- php-pear security and bug fix update (low)
Description: [1.9.4-4] - fix patch application for #747361 [1.9.4-3] - ignore REST cache creation failures as non-root user (#747361) [1.9.4-2] - fix XML-Util provides [1.9.4-1] - update to 1.9.4 (#651897) - update XML_RPC to 1.5.4, Structures_Graph to 1.0.4, Archive_Tar to 1.3.7 [1.9.1-1] - update to 1.9.1 (#651897) - fix installation of XML_RPC license file
Family: unix Class: patch
Reference(s): ELSA-2011-1741
CVE-2011-1072
Version: 3
Platform(s): Oracle Linux 6
Product(s): php-pear
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27919
 
Oval ID: oval:org.mitre.oval:def:27919
Title: DEPRECATED: ELSA-2011-0390 -- rsync security update (moderate)
Description: [3.0.6-5.1] - Add upstream patch to fix CVE-2011-1097 - Incremental file-list corruption due to temporary file_extra_cnt increments Resolves: #684932
Family: unix Class: patch
Reference(s): ELSA-2011-0390
CVE-2011-1097
Version: 4
Platform(s): Oracle Linux 6
Product(s): rsync
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27947
 
Oval ID: oval:org.mitre.oval:def:27947
Title: ELSA-2011-1364 -- kdelibs security and enhancement update (moderate)
Description: [6:4.3.4-11.4] - Resolves: bz#743951, use ca-certificates' ca-bundle.crt [6:4.3.4-11.3] - Resolves: bz#743515, CVE-2011-3365 - input validation failure
Family: unix Class: patch
Reference(s): ELSA-2011-1364
CVE-2011-3365
Version: 3
Platform(s): Oracle Linux 6
Product(s): kdelibs
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28013
 
Oval ID: oval:org.mitre.oval:def:28013
Title: DEPRECATED: ELSA-2011-0433 -- xorg-x11-server-utils security update (moderate)
Description: [7.4-15.el6_0.1] - cve-2011-0465: Sanitize cpp macro expansion. (CVE 2011-0465)
Family: unix Class: patch
Reference(s): ELSA-2011-0433
CVE-2011-0465
Version: 4
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): xorg-x11-server-utils
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28119
 
Oval ID: oval:org.mitre.oval:def:28119
Title: DEPRECATED: ELSA-2011-1102 -- libsoup security update (moderate)
Description: [2.28.2-1.1] - Patch for CVE-2011-2524
Family: unix Class: patch
Reference(s): ELSA-2011-1102
CVE-2011-2524
Version: 4
Platform(s): Oracle Linux 6
Product(s): libsoup
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6654
 
Oval ID: oval:org.mitre.oval:def:6654
Title: Denial of service vulnerability in Google Chrome before 7.0.517.41
Description: Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements."
Family: windows Class: vulnerability
Reference(s): CVE-2010-4042
Version: 13
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Google Chrome
Definition Synopsis:

CPE : Common Platform Enumeration

Type Description Count
Application 22
Application 42
Application 195
Application 1
Application 1
Application 71
Application 1
Application 27
Application 27
Application 74
Application 30
Application 2
Application 906
Application 22
Application 26
Application 8
Application 1
Application 1
Application 6
Application 22
Application 14
Application 20
Application 2
Application 1
Application 26
Application 1
Application 8
Application 1
Application 7
Application 23
Os 93
Os 1
Os 3
Os 2
Os 1
Os 10
Os 38
Os 2

ExploitDB Exploits

id Description
2012-11-01 Konqueror 4.7.3 Memory Corruption
2010-11-15 Android 2.0/2.1 Use-After-Free Remote Code Execution on Webkit
2010-11-05 Android 2.0-2.1 Reverse Shell Exploit

OpenVAS Exploits

Date Description
2012-08-03 Name : Mandriva Update for libsoup MDVSA-2012:036 (libsoup)
File : nvt/gb_mandriva_MDVSA_2012_036.nasl
2012-07-30 Name : CentOS Update for xorg-x11-server-utils CESA-2011:0433 centos5 x86_64
File : nvt/gb_CESA-2011_0433_xorg-x11-server-utils_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for xmlsec1 CESA-2011:0486 centos4 x86_64
File : nvt/gb_CESA-2011_0486_xmlsec1_centos4_x86_64.nasl
2012-07-30 Name : CentOS Update for xmlsec1 CESA-2011:0486 centos5 x86_64
File : nvt/gb_CESA-2011_0486_xmlsec1_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for rgmanager CESA-2011:1000 centos5 x86_64
File : nvt/gb_CESA-2011_1000_rgmanager_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kdelibs CESA-2011:1385 centos4 x86_64
File : nvt/gb_CESA-2011_1385_kdelibs_centos4_x86_64.nasl
2012-07-30 Name : CentOS Update for kdelibs CESA-2011:1385 centos5 x86_64
File : nvt/gb_CESA-2011_1385_kdelibs_centos5_x86_64.nasl
2012-07-09 Name : RedHat Update for libsoup RHSA-2011:1102-01
File : nvt/gb_RHSA-2011_1102-01_libsoup.nasl
2012-07-09 Name : RedHat Update for kdelibs RHSA-2011:1364-01
File : nvt/gb_RHSA-2011_1364-01_kdelibs.nasl
2012-07-09 Name : RedHat Update for php-pear RHSA-2011:1741-03
File : nvt/gb_RHSA-2011_1741-03_php-pear.nasl
2012-06-06 Name : RedHat Update for rsync RHSA-2011:0390-01
File : nvt/gb_RHSA-2011_0390-01_rsync.nasl
2012-06-06 Name : RedHat Update for gdm RHSA-2011:0395-01
File : nvt/gb_RHSA-2011_0395-01_gdm.nasl
2012-06-05 Name : RedHat Update for webkitgtk RHSA-2011:0177-01
File : nvt/gb_RHSA-2011_0177-01_webkitgtk.nasl
2012-04-02 Name : Fedora Update for PyKDE4 FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_PyKDE4_fc16.nasl
2012-04-02 Name : Fedora Update for akonadi FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_akonadi_fc16.nasl
2012-04-02 Name : Fedora Update for cantor FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_cantor_fc16.nasl
2012-04-02 Name : Fedora Update for gwenview FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_gwenview_fc16.nasl
2012-04-02 Name : Fedora Update for kalgebra FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kalgebra_fc16.nasl
2012-04-02 Name : Fedora Update for kalzium FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kalzium_fc16.nasl
2012-04-02 Name : Fedora Update for kate FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kate_fc16.nasl
2012-04-02 Name : Fedora Update for kbruch FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kbruch_fc16.nasl
2012-04-02 Name : Fedora Update for kcolorchooser FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kcolorchooser_fc16.nasl
2012-04-02 Name : Fedora Update for kde-settings FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kde-settings_fc16.nasl
2012-04-02 Name : Fedora Update for kdeaccessibility FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdeaccessibility_fc16.nasl
2012-04-02 Name : Fedora Update for kdeadmin FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdeadmin_fc16.nasl
2012-04-02 Name : Fedora Update for kdeartwork FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdeartwork_fc16.nasl
2012-04-02 Name : Fedora Update for kdebase-runtime FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdebase-runtime_fc16.nasl
2012-04-02 Name : Fedora Update for kdebase-workspace FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdebase-workspace_fc16.nasl
2012-04-02 Name : Fedora Update for kdeedu FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdeedu_fc16.nasl
2012-04-02 Name : Fedora Update for kdegames FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdegames_fc16.nasl
2012-04-02 Name : Fedora Update for kdegraphics-strigi-analyzer FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdegraphics-strigi-analyzer_fc16.nasl
2012-04-02 Name : Fedora Update for kdegraphics-thumbnailers FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdegraphics-thumbnailers_fc16.nasl
2012-04-02 Name : Fedora Update for kdegraphics FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdegraphics_fc16.nasl
2012-04-02 Name : Fedora Update for kdemultimedia FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdemultimedia_fc16.nasl
2012-04-02 Name : Fedora Update for kdenetwork FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdenetwork_fc16.nasl
2012-04-02 Name : Fedora Update for kdepim-runtime FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdepim-runtime_fc16.nasl
2012-04-02 Name : Fedora Update for kdepim FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdepim_fc16.nasl
2012-04-02 Name : Fedora Update for kdeplasma-addons FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdeplasma-addons_fc16.nasl
2012-04-02 Name : Fedora Update for kdesdk FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdesdk_fc16.nasl
2012-04-02 Name : Fedora Update for kgamma FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kgamma_fc16.nasl
2012-04-02 Name : Fedora Update for kgeography FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kgeography_fc16.nasl
2012-04-02 Name : Fedora Update for khangman FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_khangman_fc16.nasl
2012-04-02 Name : Fedora Update for kiten FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kiten_fc16.nasl
2012-04-02 Name : Fedora Update for klettres FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_klettres_fc16.nasl
2012-04-02 Name : Fedora Update for kmplot FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kmplot_fc16.nasl
2012-04-02 Name : Fedora Update for konsole FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_konsole_fc16.nasl
2012-04-02 Name : Fedora Update for kruler FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kruler_fc16.nasl
2012-04-02 Name : Fedora Update for ksaneplugin FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_ksaneplugin_fc16.nasl
2012-04-02 Name : Fedora Update for ksnapshot FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_ksnapshot_fc16.nasl
2012-04-02 Name : Fedora Update for kturtle FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kturtle_fc16.nasl
2012-04-02 Name : Fedora Update for kwordquiz FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kwordquiz_fc16.nasl
2012-04-02 Name : Fedora Update for libkdcraw FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_libkdcraw_fc16.nasl
2012-04-02 Name : Fedora Update for libkdeedu FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_libkdeedu_fc16.nasl
2012-04-02 Name : Fedora Update for libkexiv2 FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_libkexiv2_fc16.nasl
2012-04-02 Name : Fedora Update for libkipi FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_libkipi_fc16.nasl
2012-04-02 Name : Fedora Update for libksane FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_libksane_fc16.nasl
2012-04-02 Name : Fedora Update for okular FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_okular_fc16.nasl
2012-04-02 Name : Fedora Update for oxygen-icon-theme FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_oxygen-icon-theme_fc16.nasl
2012-04-02 Name : Fedora Update for rocs FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_rocs_fc16.nasl
2012-04-02 Name : Fedora Update for shared-desktop-ontologies FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_shared-desktop-ontologies_fc16.nasl
2012-04-02 Name : Fedora Update for smokegen FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_smokegen_fc16.nasl
2012-04-02 Name : Fedora Update for smokekde FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_smokekde_fc16.nasl
2012-04-02 Name : Fedora Update for smokeqt FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_smokeqt_fc16.nasl
2012-04-02 Name : Fedora Update for step FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_step_fc16.nasl
2012-03-29 Name : Fedora Update for kdelibs FEDORA-2012-3483
File : nvt/gb_fedora_2012_3483_kdelibs_fc15.nasl
2012-03-19 Name : Fedora Update for blinken FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_blinken_fc16.nasl
2012-03-19 Name : Fedora Update for kamera FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kamera_fc16.nasl
2012-03-19 Name : Fedora Update for kanagram FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kanagram_fc16.nasl
2012-03-19 Name : Fedora Update for kde-l10n FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kde-l10n_fc16.nasl
2012-03-19 Name : Fedora Update for kdebase FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdebase_fc16.nasl
2012-03-19 Name : Fedora Update for kdelibs FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdelibs_fc16.nasl
2012-03-19 Name : Fedora Update for kdepimlibs FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdepimlibs_fc16.nasl
2012-03-19 Name : Fedora Update for kdetoys FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdetoys_fc16.nasl
2012-03-19 Name : Fedora Update for kdeutils FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kdeutils_fc16.nasl
2012-03-19 Name : Fedora Update for kig FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kig_fc16.nasl
2012-03-19 Name : Fedora Update for kolourpaint FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kolourpaint_fc16.nasl
2012-03-19 Name : Fedora Update for kross-interpreters FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kross-interpreters_fc16.nasl
2012-03-19 Name : Fedora Update for kstars FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_kstars_fc16.nasl
2012-03-19 Name : Fedora Update for ktouch FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_ktouch_fc16.nasl
2012-03-19 Name : Fedora Update for marble FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_marble_fc16.nasl
2012-03-19 Name : Fedora Update for parley FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_parley_fc16.nasl
2012-03-19 Name : Fedora Update for svgpart FEDORA-2011-13417
File : nvt/gb_fedora_2011_13417_svgpart_fc16.nasl
2012-03-19 Name : Fedora Update for arora FEDORA-2011-14719
File : nvt/gb_fedora_2011_14719_arora_fc16.nasl
2012-03-12 Name : Debian Security Advisory DSA 2408-1 (php5)
File : nvt/deb_2408_1.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-18 (rgmanager)
File : nvt/glsa_201110_18.nasl
2012-02-11 Name : Debian Security Advisory DSA 2369-1 (libsoup2.4)
File : nvt/deb_2369_1.nasl
2011-12-16 Name : Fedora Update for arora FEDORA-2011-14756
File : nvt/gb_fedora_2011_14756_arora_fc15.nasl
2011-12-16 Name : Mandriva Update for php-pear MDVSA-2011:187 (php-pear)
File : nvt/gb_mandriva_MDVSA_2011_187.nasl
2011-12-15 Name : Arora Common Name SSL Certificate Spoofing Vulnerability (Linux)
File : nvt/secpod_arora_cn_ssl_cert_spoofing_vuln_lin.nasl
2011-11-11 Name : CentOS Update for kdelibs CESA-2011:1385 centos4 i386
File : nvt/gb_CESA-2011_1385_kdelibs_centos4_i386.nasl
2011-11-03 Name : Mandriva Update for kdelibs4 MDVSA-2011:162 (kdelibs4)
File : nvt/gb_mandriva_MDVSA_2011_162.nasl
2011-10-31 Name : Ubuntu Update for kde4libs USN-1248-1
File : nvt/gb_ubuntu_USN_1248_1.nasl
2011-10-21 Name : CentOS Update for kdelibs CESA-2011:1385 centos5 i386
File : nvt/gb_CESA-2011_1385_kdelibs_centos5_i386.nasl
2011-10-21 Name : RedHat Update for kdelibs and kdelibs3 RHSA-2011:1385-01
File : nvt/gb_RHSA-2011_1385-01_kdelibs_and_kdelibs3.nasl
2011-09-27 Name : Fedora Update for libsoup FEDORA-2011-9820
File : nvt/gb_fedora_2011_9820_libsoup_fc14.nasl
2011-09-23 Name : CentOS Update for rgmanager CESA-2011:1000 centos5 i386
File : nvt/gb_CESA-2011_1000_rgmanager_centos5_i386.nasl
2011-08-27 Name : Ubuntu Update for webkit USN-1195-1
File : nvt/gb_ubuntu_USN_1195_1.nasl
2011-08-12 Name : Fedora Update for libsoup FEDORA-2011-9763
File : nvt/gb_fedora_2011_9763_libsoup_fc15.nasl
2011-08-09 Name : CentOS Update for lvm2-cluster CESA-2010:0567 centos5 i386
File : nvt/gb_CESA-2010_0567_lvm2-cluster_centos5_i386.nasl
2011-08-09 Name : CentOS Update for xorg-x11-server-utils CESA-2011:0433 centos5 i386
File : nvt/gb_CESA-2011_0433_xorg-x11-server-utils_centos5_i386.nasl
2011-08-09 Name : CentOS Update for xmlsec1 CESA-2011:0486 centos4 i386
File : nvt/gb_CESA-2011_0486_xmlsec1_centos4_i386.nasl
2011-08-09 Name : CentOS Update for xmlsec1 CESA-2011:0486 centos5 i386
File : nvt/gb_CESA-2011_0486_xmlsec1_centos5_i386.nasl
2011-08-03 Name : Debian Security Advisory DSA 2238-1 (vino)
File : nvt/deb_2238_1.nasl
2011-08-03 Name : Debian Security Advisory DSA 2254-1 (oprofile)
File : nvt/deb_2254_1.nasl
2011-08-03 Name : Debian Security Advisory DSA 2254-2 (oprofile)
File : nvt/deb_2254_2.nasl
2011-08-03 Name : FreeBSD Ports: rsync
File : nvt/freebsd_rsync4.nasl
2011-08-02 Name : Ubuntu Update for libsoup2.4 USN-1181-1
File : nvt/gb_ubuntu_USN_1181_1.nasl
2011-07-27 Name : Fedora Update for oprofile FEDORA-2011-8076
File : nvt/gb_fedora_2011_8076_oprofile_fc15.nasl
2011-07-27 Name : Fedora Update for oprofile FEDORA-2011-8087
File : nvt/gb_fedora_2011_8087_oprofile_fc14.nasl
2011-07-18 Name : Ubuntu Update for oprofile USN-1166-1
File : nvt/gb_ubuntu_USN_1166_1.nasl
2011-07-08 Name : Fedora Update for syslog-ng FEDORA-2011-8405
File : nvt/gb_fedora_2011_8405_syslog-ng_fc14.nasl
2011-06-20 Name : Fedora Update for xorg-x11-server-utils FEDORA-2011-4879
File : nvt/gb_fedora_2011_4879_xorg-x11-server-utils_fc13.nasl
2011-06-20 Name : OProfile Multiple Vulnerabilities
File : nvt/gb_oprofile_mult_vuln.nasl
2011-05-23 Name : Fedora Update for vino FEDORA-2011-6773
File : nvt/gb_fedora_2011_6773_vino_fc14.nasl
2011-05-23 Name : Fedora Update for vino FEDORA-2011-6778
File : nvt/gb_fedora_2011_6778_vino_fc13.nasl
2011-05-17 Name : Mandriva Update for vino MDVSA-2011:087 (vino)
File : nvt/gb_mandriva_MDVSA_2011_087.nasl
2011-05-12 Name : Debian Security Advisory DSA 2188-1 (webkit)
File : nvt/deb_2188_1.nasl
2011-05-12 Name : Debian Security Advisory DSA 2205-1 (gdm3)
File : nvt/deb_2205_1.nasl
2011-05-12 Name : Debian Security Advisory DSA 2213-1 (x11-xserver-utils)
File : nvt/deb_2213_1.nasl
2011-05-12 Name : Debian Security Advisory DSA 2215-1 (gitolite)
File : nvt/deb_2215_1.nasl
2011-05-12 Name : Debian Security Advisory DSA 2219-1 (xmlsec1)
File : nvt/deb_2219_1.nasl
2011-05-12 Name : FreeBSD Ports: gdm
File : nvt/freebsd_gdm.nasl
2011-05-12 Name : FreeBSD Ports: xrdb
File : nvt/freebsd_xrdb.nasl
2011-05-10 Name : Ubuntu Update for rsync USN-1124-1
File : nvt/gb_ubuntu_USN_1124_1.nasl
2011-05-10 Name : Ubuntu Update for php5 USN-1126-1
File : nvt/gb_ubuntu_USN_1126_1.nasl
2011-05-10 Name : Ubuntu Update for php5 USN-1126-2
File : nvt/gb_ubuntu_USN_1126_2.nasl
2011-05-10 Name : Ubuntu Update for vino USN-1128-1
File : nvt/gb_ubuntu_USN_1128_1.nasl
2011-05-06 Name : RedHat Update for xmlsec1 RHSA-2011:0486-01
File : nvt/gb_RHSA-2011_0486-01_xmlsec1.nasl
2011-04-22 Name : Mandriva Update for xrdb MDVSA-2011:076 (xrdb)
File : nvt/gb_mandriva_MDVSA_2011_076.nasl
2011-04-22 Name : Rsync Multiple Denial of Service Vulnerabilities (Windows)
File : nvt/gb_rsync_mult_dos_vuln.nasl
2011-04-22 Name : SuSE Update for xorg-x11 SUSE-SA:2011:016
File : nvt/gb_suse_2011_016.nasl
2011-04-19 Name : RedHat Update for xorg-x11 RHSA-2011:0432-01
File : nvt/gb_RHSA-2011_0432-01_xorg-x11.nasl
2011-04-19 Name : RedHat Update for xorg-x11-server-utils RHSA-2011:0433-01
File : nvt/gb_RHSA-2011_0433-01_xorg-x11-server-utils.nasl
2011-04-19 Name : Fedora Update for gdm FEDORA-2011-4351
File : nvt/gb_fedora_2011_4351_gdm_fc13.nasl
2011-04-19 Name : Fedora Update for xorg-x11-server-utils FEDORA-2011-4871
File : nvt/gb_fedora_2011_4871_xorg-x11-server-utils_fc14.nasl
2011-04-11 Name : Fedora Update for rsync FEDORA-2011-4413
File : nvt/gb_fedora_2011_4413_rsync_fc14.nasl
2011-04-11 Name : Fedora Update for rsync FEDORA-2011-4427
File : nvt/gb_fedora_2011_4427_rsync_fc13.nasl
2011-04-11 Name : Mandriva Update for rsync MDVSA-2011:066 (rsync)
File : nvt/gb_mandriva_MDVSA_2011_066.nasl
2011-04-11 Name : Mandriva Update for gdm MDVSA-2011:070 (gdm)
File : nvt/gb_mandriva_MDVSA_2011_070.nasl
2011-04-11 Name : Ubuntu Update for x11-xserver-utils vulnerability USN-1107-1
File : nvt/gb_ubuntu_USN_1107_1.nasl
2011-04-06 Name : Fedora Update for gdm FEDORA-2011-4335
File : nvt/gb_fedora_2011_4335_gdm_fc14.nasl
2011-04-06 Name : Mandriva Update for xmlsec1 MDVSA-2011:063 (xmlsec1)
File : nvt/gb_mandriva_MDVSA_2011_063.nasl
2011-04-01 Name : Ubuntu Update for gdm vulnerability USN-1099-1
File : nvt/gb_ubuntu_USN_1099_1.nasl
2011-03-09 Name : Gentoo Security Advisory GLSA 201012-01 (chromium)
File : nvt/glsa_201012_01.nasl
2011-03-07 Name : Debian Security Advisory DSA 2147-1 (pimd)
File : nvt/deb_2147_1.nasl
2011-03-07 Name : Debian Security Advisory DSA 2164-1 (shadow)
File : nvt/deb_2164_1.nasl
2011-03-07 Name : Mandriva Update for webkit MDVSA-2011:039 (webkit)
File : nvt/gb_mandriva_MDVSA_2011_039.nasl
2011-03-05 Name : FreeBSD Ports: webkit-gtk2
File : nvt/freebsd_webkit-gtk23.nasl
2011-02-18 Name : Fedora Update for webkitgtk FEDORA-2011-1224
File : nvt/gb_fedora_2011_1224_webkitgtk_fc13.nasl
2011-02-18 Name : Ubuntu Update for shadow vulnerability USN-1065-1
File : nvt/gb_ubuntu_USN_1065_1.nasl
2011-01-27 Name : Google Chrome multiple vulnerabilities - Jan11 (Linux)
File : nvt/gb_google_chrome_mult_vuln_jan11_lin.nasl
2011-01-27 Name : Google Chrome multiple vulnerabilities - Jan11 (Windows)
File : nvt/gb_google_chrome_mult_vuln_jan11_win.nasl
2011-01-24 Name : FreeBSD Ports: webkit-gtk2
File : nvt/freebsd_webkit-gtk22.nasl
2011-01-11 Name : Fedora Update for webkitgtk FEDORA-2011-0121
File : nvt/gb_fedora_2011_0121_webkitgtk_fc13.nasl
2010-12-29 Name : Google Chrome multiple vulnerabilities - Dec10 (Linux)
File : nvt/gb_google_chrome_mult_vuln_dec10_lin01.nasl
2010-12-29 Name : Google Chrome multiple vulnerabilities - Dec10 (Windows)
File : nvt/gb_google_chrome_mult_vuln_dec10_win01.nasl
2010-12-27 Name : Google Chrome multiple vulnerabilities - Dec 10(Linux)
File : nvt/gb_google_chrome_mult_vuln_dec10_lin.nasl
2010-12-27 Name : Google Chrome multiple vulnerabilities - Dec 10(Windows)
File : nvt/gb_google_chrome_mult_vuln_dec10_win.nasl
2010-12-02 Name : Fedora Update for lvm2 FEDORA-2010-13239
File : nvt/gb_fedora_2010_13239_lvm2_fc14.nasl
2010-12-02 Name : Fedora Update for gnucash FEDORA-2010-16762
File : nvt/gb_fedora_2010_16762_gnucash_fc14.nasl
2010-12-02 Name : Mandriva Update for gnucash MDVSA-2010:241 (gnucash)
File : nvt/gb_mandriva_MDVSA_2010_241.nasl
2010-11-23 Name : Apple Safari Webkit Multiple Vulnerabilities - Nov10
File : nvt/gb_apple_safari_webkit_mult_vuln_nov10.nasl
2010-11-18 Name : Google Chrome multiple vulnerabilities - November 10(Linux)
File : nvt/gb_google_chrome_mult_vuln_nov10_lin.nasl
2010-11-18 Name : Google Chrome multiple vulnerabilities - November 10(Windows)
File : nvt/gb_google_chrome_mult_vuln_nov10_win.nasl
2010-11-17 Name : FreeBSD Ports: webkit-gtk2
File : nvt/freebsd_webkit-gtk21.nasl
2010-11-16 Name : Fedora Update for gnucash FEDORA-2010-16605
File : nvt/gb_fedora_2010_16605_gnucash_fc13.nasl
2010-11-16 Name : Fedora Update for gnucash FEDORA-2010-16622
File : nvt/gb_fedora_2010_16622_gnucash_fc12.nasl
2010-10-28 Name : Google Chrome multiple vulnerabilities - October 10(Linux)
File : nvt/gb_google_chrome_mult_vuln_oct10_lin.nasl
2010-10-28 Name : Google Chrome multiple vulnerabilities - October 10(Windows)
File : nvt/gb_google_chrome_mult_vuln_oct10_win.nasl
2010-10-22 Name : Fedora Update for webkitgtk FEDORA-2010-15957
File : nvt/gb_fedora_2010_15957_webkitgtk_fc13.nasl
2010-10-22 Name : Fedora Update for webkitgtk FEDORA-2010-15982
File : nvt/gb_fedora_2010_15982_webkitgtk_fc12.nasl
2010-10-22 Name : Ubuntu Update for webkit vulnerabilities USN-1006-1
File : nvt/gb_ubuntu_USN_1006_1.nasl
2010-10-19 Name : Ubuntu Update for lvm2 vulnerability USN-1001-1
File : nvt/gb_ubuntu_USN_1001_1.nasl
2010-10-10 Name : Debian Security Advisory DSA 2095-1 (lvm2)
File : nvt/deb_2095_1.nasl
2010-10-10 Name : FreeBSD Ports: webkit-gtk2
File : nvt/freebsd_webkit-gtk20.nasl
2010-10-04 Name : Mandriva Update for qt-creator MDVSA-2010:193 (qt-creator)
File : nvt/gb_mandriva_MDVSA_2010_193.nasl
2010-10-01 Name : Fedora Update for lvm2 FEDORA-2010-12250
File : nvt/gb_fedora_2010_12250_lvm2_fc12.nasl
2010-09-22 Name : Fedora Update for webkitgtk FEDORA-2010-14409
File : nvt/gb_fedora_2010_14409_webkitgtk_fc13.nasl
2010-09-22 Name : Fedora Update for webkitgtk FEDORA-2010-14419
File : nvt/gb_fedora_2010_14419_webkitgtk_fc12.nasl
2010-09-21 Name : Google Chrome multiple vulnerabilities (Linux)
File : nvt/gb_google_chrome_mult_vuln_sep10_lin.nasl
2010-09-21 Name : Google Chrome multiple vulnerabilities (Windows) Sep10
File : nvt/gb_google_chrome_mult_vuln_sep10_win.nasl
2010-09-15 Name : Apple Safari Multiple Vulnerabilities - Sep10
File : nvt/gb_apple_safari_mult_vuln_sep10.nasl
2010-09-14 Name : Fedora Update for lvm2 FEDORA-2010-13708
File : nvt/gb_fedora_2010_13708_lvm2_fc13.nasl
2010-09-14 Name : Fedora Update for udisks FEDORA-2010-13708
File : nvt/gb_fedora_2010_13708_udisks_fc13.nasl
2010-09-07 Name : Mandriva Update for lvm2 MDVSA-2010:171 (lvm2)
File : nvt/gb_mandriva_MDVSA_2010_171.nasl
2010-08-02 Name : Apple Safari Multiple Vulnerabilities - July 10
File : nvt/secpod_apple_safari_mult_vuln_jul10.nasl
2010-08-02 Name : Google Chrome Multiple Unspecified Vulnerabilities - July 10
File : nvt/secpod_google_chrome_mult_unspecified_vuln_jul10.nasl
2010-07-02 Name : IBM WebSphere Application Server (WAS) Cross-site Scripting Vulnerability
File : nvt/secpod_ibm_was_xss_vuln.nasl
2010-01-29 Name : Mandriva Update for php-pear-Mail MDVSA-2010:025 (php-pear-Mail)
File : nvt/gb_mandriva_MDVSA_2010_025.nasl
2009-12-10 Name : Fedora Core 11 FEDORA-2009-12348 (php-pear-Mail)
File : nvt/fcore_2009_12348.nasl
2009-12-10 Name : Fedora Core 12 FEDORA-2009-12395 (php-pear-Mail)
File : nvt/fcore_2009_12395.nasl
2009-12-10 Name : Fedora Core 10 FEDORA-2009-12439 (php-pear-Mail)
File : nvt/fcore_2009_12439.nasl
2009-11-23 Name : Debian Security Advisory DSA 1938-1 (php-mail)
File : nvt/deb_1938_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2011-086-03 shadow
File : nvt/esoft_slk_ssa_2011_086_03.nasl
0000-00-00 Name : Slackware Advisory SSA:2011-096-01 xrdb
File : nvt/esoft_slk_ssa_2011_096_01.nasl
0000-00-00 Name : FreeBSD Ports: kdelibs
File : nvt/freebsd_kdelibs5.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
76136 Arora Certificate Text Format CN Field RTF Data Parsing Certificate Spoofing ...

76021 rekonq Certificate Text Format CN Field RTF Data Parsing Certificate Spoofing...

76016 KDE KSSL Certificate Text Format CN Field RTF Data Parsing Certificate Spoofi...

75083 PEAR Installer Multiple Directory Temporary File Symlink Arbitrary File Overw...

75045 X.Org xrdb xrdb.c Hostname Shell Metacharacter Arbitrary Local Command Injection

74996 rsync Incremental Recursion Remote Memory Corruption DoS

74333 Vino server/libvncserver/rfbserver.c rfbSendFramebufferUpdate() Function Tigh...

Vino contains a flaw that may allow a remote denial of service. The issue is triggered when the rfbSendFramebufferUpdate() function in server/libvncserver/rfbserver.c fails to properly handle client framebuffer update requests, and will result in loss of availability for the program.
74332 Vino server/libvncserver/rfbserver.c rfbSendFramebufferUpdate() Function Raw ...

Vino contains a flaw that may allow a remote denial of service. The issue is triggered when the rfbSendFramebufferUpdate() function in server/libvncserver/rfbserver.c fails to properly handle client framebuffer update requests, and will result in loss of availability for the program.
74135 libsoup SoupServer soup-uri.c HTTP Request Parsing Traversal Arbitrary File A...

libsoup contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to soup-uri.c in the SoupServer feature not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via HTTP Requests. This directory traversal attack would allow the attacker to access arbitrary files.
73736 syslog-ng lib/logmatcher.c PCRE Global Flag Remote DoS

73719 OProfile utils/opcontrol do_dump_data Function --session-dir Argument opd_pip...

73717 OProfile utils/opcontrol --save Argument Traversal Arbitrary File Overwrite

73716 OProfile utils/opcontrol daemonrc Multiple Argument Shell Metacharacter Local...

72792 OProfile utils/opcontrol Shell Metacharacter Eval Injection Local Privilege E...

72551 GNOME Display Manager (gdm) /var/cache/gdm/ Multiple File Symlink Local Privi...

72538 gitolite Admin-Defined Commands (ADC) Traversal Arbitrary Command Execution

72303 XML Security Library XSLT output Extension Arbitrary File Manipulation

XML Security Library contains a flaw that may allow a remote attacker to modify arbitrary files. The issue is due to XSLT not properly sanitizing user-supplied input to the 'output' extension. This flaw can potentially be used to manipulate the contents of any file on the system accessible by the web server.
70895 shadow chfn/chsh Utility GECOS Field CRLF Injection

shadow contains multiple CRLF injection vulnerabilities related to the 'chfn' and 'chsh' utilities failing to handle newline characters properly. This may allow a local attacker to add new groups or users to the '/etc/passwd' file via the GECOS field.
70465 Google Chrome HTML Document Anchor Unspecified Variable Casting Remote DoS

Google Chrome contains a flaw that may allow a denial of service. The issue is triggered when the program fails to properly perform a cast of an unspecified variable during handling of anchors, allowing a context-dependent attacker to use a crafted HTML document to cause a denial of service or possibly have other unspecified impact.
70305 pimd Multiple Temporary File Symlink Arbitrary File Overwrite

pimd contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the program creating the '/var/tmp/pimd.dump' and '/var/tmp/pimd.cache' temporary files insecurely. It is possible for a local attacker to use a symlink attack to cause the program to unexpectedly write to, or overwrite, an attacker-specified file.
70106 Google Chrome Cursor Handling Stale Pointer Remote DoS

Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the program fails to properly perform cursor handling, allowing a remote attacker to cause a denial of service via unknown vectors leading to 'stale pointers'.
70105 Google Chrome CSS Token Sequence Out-of-bounds Read Remote DoS

Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the program fails to properly parse CSS token sequences, allowing a remote attacker to cause an out-of-bounds read denial of service via unspecified vectors.
69672 Google Chrome Mouse Drag Event Use-after-free Remote DoS

Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when a use-after-free error in the handling of mouse dragging events is exploited to cause a loss of availability.
69671 Google Chrome SVG Animation Use-after-free Remote DoS

Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when a use-after-free vulnerability is exploited to cause a loss of availability for the program via vectors involving SVG animations.
69434 Apple Safari WebKit HTML Link Element DNS Prefetch Setting Bypass

Apple Safari contains a flaw related to WebKit's HTML Link Element. The issue is triggered when WebKit encounters an HTML Link Element that requests DNS prefetching. This will bypass any prefetching preference that has been set, and may result in undesired requests to remote servers.
69433 Apple Safari WebKit wholeText Method Size Calculation Overflow

Apple WebKit in Apple Safari before 5.0.3 on Windows 7, Windows Vista, Windows XP SP2 or later, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, and Apple WebKit in Apple Safari before 4.1.3 on Mac OS X v10.4.11 and Mac OS X Server v10.4.11 is prone to an overflow condition. The program fails to properly sanitize user-supplied input, resulting in an integer overflow while handling Text objects. If a user visits a specially crafted website, a remote attacker can potentially cause an unexpected application termination or arbitrary code execution.
69298 GnuCash gnc-test-env LD_LIBRARY_PATH Zero-length Directory Name Path Subversi...

GnuCash contains a path subversion flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the 'src/gnc-test-env' script incorrectly sets the environment variable 'LD_LIBRARY_PATH', allowing a context-dependent attacker to gain elevated privileges by tricking a user into running the script in a directory containing a malicious library.
69172 Google Chrome SVG Document Out-of-bounds Array Index Memory Access DoS

Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the program accesses memory in an out-of-bounds array index while processing an SVG document, allowing a context-dependent attacker to cause a denial of service or possibly have other unspecified impact.
69170 Google Chrome Destroyed Frame Object Access Remote DoS

Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the program accesses a frame object after it has been destroyed, allowing a context-dependent attacker to cause a denial of service or possibly have other unspecified impact.
69164 Google Chrome Crafted HTML Document Text Area Handling Memory Corruption

A memory corruption flaw exists in Google Chrome. The program fails to sanitize user-supplied input when processing large text areas, resulting in memory corruption. With a specially crafted HTML document, a context-dependent attacker can cause a denial of service, or possibly have other unspecified impact.
69163 Google Chrome Text Editing Use-after-free Remote DoS

Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when a use-after-free error related to text editing is exploited to cause a denial of service.
68843 Google Chrome Stale Element Map Handling DoS

Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the program fails to properly handle stale elements in element maps, allowing a remote attacker to cause a denial of service.
68808 OCF Resource Agents Multiple Scripts LD_LIBRARY_PATH Zero-length Directory Na...

68789 lastfm LD_LIBRARY_PATH Zero-length Directory Name Path Subversion Local Privi...

68366 Qt Creator LD_LIBRARY_PATH Zero-length Directory Name Path Subversion Local P...

Qt Creator contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the program places a zero-length directory name in the LD_LIBRARY_PATH, allowing a local attacker to gain elevated privileges via a path subversion vulnerability.
67962 Apple Safari WebKit Floating Point Data Crafted HTML Document Handling Arbitr...

Apple Safari WebKit contains an input validation flaw related to WebKit's handling of floating point data types. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code via a crafted HTML document.
67933 Apple iOS WebKit on iPhone / iPod Scrollbar Use-after-free Arbitrary Code Exe...

67932 Apple iOS WebKit on iPhone / iPod Menu Arbitrary Code Execution

67930 Apple iOS WebKit on iPhone / iPod Selections Use-after-free Arbitrary Code Ex...

67867 Google Chrome Image Read Access Restriction Same Origin Policy Bypass Remote ...

67865 Google Chrome Focus Handling Stale Pointer Memory Corruption

67863 Google Chrome Counter Node Handling Unspecified Memory Corruption

66857 Apple Safari WebKit SVG Document Multiple Element Use-after-free Arbitrary Co...

Apple Safari WebKit contains a use-after-free flaw related to WebKit's handling of "font-face" and "use" elements in SVG documents. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code.
66856 Apple Safari WebKit Crafted Regular Expression Arbitrary Code Execution

Apple Safari WebKit contains a memory corruption flaw related to WebKit's handling of regular expressions. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code.
66855 Apple Safari Webkit JavaScript Array Index Integer Signedness Arbitrary Code ...

Apple Safari WebKit contains an integer signedness flaw related to WebKit's handling of JavaScript arrays. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code.
66854 Apple Safari WebKit JIT Compiled JavaScript Stub Reentrancy Issue Arbitrary C...

Apple Safari WebKit contains a reentrancy issue related to WebKit's handling of just-in-time compiled JavaScript stubs. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code.
66852 Apple Safari Webkit SVG Document Use Element Arbitrary Code Execution

Apple Safari WebKit contains a memory corruption flaw related to WebKit's handling of 'use' elements in SVG documents. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code.
66851 Apple Safari WebKit SVG Document Floating Element Arbitrary Code Execution

Apple Safari WebKit contains a memory corruption flaw related to WebKit's handling of floating elements in SVG documents. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code.
66850 Apple Safari WebKit SVG Document foreignObject Element Use-after-free Arbitra...

Apple Safari WebKit contains a use-after-free flaw related to WebKit's handling of foreignObject elements in SVG documents. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code.
66849 Apple Safari WebKit SVG Text Multiple Pseudo-elements Crafted Document Arbitr...

Apple Safari WebKit contains an uninitialized memory access flaw related to WebKit's handling of the :first-letter and :first-line pseudo-elements in SVG text elements. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code.
66848 Apple Safari WebKit CSS Implementation Counters Functionality Crafted HTML Do...

Apple Safari WebKit contains a memory corruption flaw related to WebKit's handling of CSS counters. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code via a crafted HTML document.
66847 Apple Safari WebKit Text Node Dynamic Modification Arbitrary Code Execution

Apple Safari WebKit contains a memory corruption flaw related to WebKit's handling of dynamic modifications to text nodes. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code via a crafted HTML document.
66846 Apple Safari WebKit Inline Element Rendering Arbitrary Code Execution

Apple Safari WebKit contains a memory corruption flaw related to WebKit's rendering of inline elements. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code.
66845 Apple Safari WebKit Element Focus Use-after-free Arbitrary Code Execution

Apple Safari WebKit contains a use-after-free flaw related to WebKit's handling of element focus. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code.
66753 LVM2 clvmd Abstract Socket Credential Check Weakness Local Privilege Escalation

66748 Google Chrome Rendering Implementation Unspecified Remote DoS

65798 IBM WebSphere Application Server (WAS) Administration Console Unspecified XSS...

60563 PEAR Mail Mail/sendmail.php $recipients Parameter Arbitrary File Write

60322 PEAR Mail Sendmail Mail::Send() Function from Parameter Arbitrary Argument Co...

39601 Racer Client/Server UDP Packet Handling Remote Overflow

A remote overflow exists in Racer v0.5.3beta5. The game fails to verify buffer lengths resulting in a stack overflow. With a specially crafted request, a remote attacker can execute arbitrary code resulting in a loss of integrity.

Snort® IPS/IDS

Date Description
2014-01-10 Google Chrome Uninitialized bug_report Pointer Code Execution
RuleID : 19217 - Revision : 14 - Type : BROWSER-CHROME
2014-01-10 Google Chrome Uninitialized bug_report Pointer Code Execution
RuleID : 19216 - Revision : 14 - Type : BROWSER-CHROME
2014-01-10 Apple Safari WebKit menu onchange memory corruption attempt
RuleID : 19010 - Revision : 10 - Type : BROWSER-WEBKIT
2014-01-10 Apple Safari WebKit menu onchange memory corruption attempt
RuleID : 19009 - Revision : 8 - Type : BROWSER-WEBKIT
2014-01-10 Apple Safari Webkit floating point conversion memory corruption attempt
RuleID : 19008 - Revision : 10 - Type : BROWSER-WEBKIT
2014-01-10 Apple Safari Webkit removeAllRanges use-after-free attempt
RuleID : 18995 - Revision : 8 - Type : BROWSER-WEBKIT
2014-01-10 Apple Safari WebKit Rendering Counter Code Execution
RuleID : 18903 - Revision : 10 - Type : BROWSER-WEBKIT

Nessus® Vulnerability Scanner

Date Description
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_libsoup_20120918.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-09.nasl - Type : ACT_GATHER_INFO
2014-06-30 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201406-34.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-182.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_gdm-110330.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_libsoup-2_4-1-110729.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_libwebkit-100920.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_libwebkit-110104.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_libwebkit-110223.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_rsync-110404.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_vino-110509.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_xorg-x11-110405.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_gdm-110330.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kdelibs4-111010.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_libsoup-2_4-1-110729.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_rsync-110404.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_vino-110509.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_xorg-x11-110405.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2010-0567.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0177.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2011-0390.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0395.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0432.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2011-0433.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0486.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1102.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1364.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1385.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2013-0169.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2013-0169.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0567.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-1000.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1580.nasl - Type : ACT_GATHER_INFO
2013-01-23 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130121_vino_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-01-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0169.nasl - Type : ACT_GATHER_INFO
2012-08-20 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_07234e78e89911e1b38d0023ae8e59f0.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100728_lvm2_cluster_lvm2_for_SL5.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110125_webkitgtk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20110216_rgmanager_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110329_gdm_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20110329_rsync_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110411_xorg_x11_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20110411_xorg_x11_server_utils_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110504_xmlsec1_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20110721_rgmanager_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110728_libsoup_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111011_kdelibs_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111019_kdelibs_and_kdelibs3_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20111206_php_pear_on_SL6.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111206_resource_agents_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-04-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_apache2-mod_php5-120309.nasl - Type : ACT_GATHER_INFO
2012-03-26 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-036.nasl - Type : ACT_GATHER_INFO
2012-02-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2408.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2369.nasl - Type : ACT_GATHER_INFO
2011-12-16 Name : The remote Mandriva Linux host is missing a security update.
File : mandriva_MDVSA-2011-187.nasl - Type : ACT_GATHER_INFO
2011-12-15 Name : The remote Fedora host is missing a security update.
File : fedora_2011-14756.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote Fedora host is missing a security update.
File : fedora_2011-14719.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_vino-7531.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xorg-x11-7416.nasl - Type : ACT_GATHER_INFO
2011-12-06 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-1741.nasl - Type : ACT_GATHER_INFO
2011-11-02 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-162.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1248-1.nasl - Type : ACT_GATHER_INFO
2011-10-24 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_6d21a287fce011e0a82800235a5f2c9a.nasl - Type : ACT_GATHER_INFO
2011-10-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201110-18.nasl - Type : ACT_GATHER_INFO
2011-10-20 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1385.nasl - Type : ACT_GATHER_INFO
2011-10-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1385.nasl - Type : ACT_GATHER_INFO
2011-10-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1364.nasl - Type : ACT_GATHER_INFO
2011-10-05 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-13417.nasl - Type : ACT_GATHER_INFO
2011-09-26 Name : The remote Fedora host is missing a security update.
File : fedora_2011-9820.nasl - Type : ACT_GATHER_INFO
2011-09-23 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2011-1000.nasl - Type : ACT_GATHER_INFO
2011-08-24 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1195-1.nasl - Type : ACT_GATHER_INFO
2011-08-08 Name : The remote Fedora host is missing a security update.
File : fedora_2011-9763.nasl - Type : ACT_GATHER_INFO
2011-08-08 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libsoup-110731.nasl - Type : ACT_GATHER_INFO
2011-07-29 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1102.nasl - Type : ACT_GATHER_INFO
2011-07-29 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1181-1.nasl - Type : ACT_GATHER_INFO
2011-07-26 Name : The remote Fedora host is missing a security update.
File : fedora_2011-8076.nasl - Type : ACT_GATHER_INFO
2011-07-26 Name : The remote Fedora host is missing a security update.
File : fedora_2011-8087.nasl - Type : ACT_GATHER_INFO
2011-07-21 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_9a777c23b31011e0832d00215c6a37bb.nasl - Type : ACT_GATHER_INFO
2011-07-12 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1166-1.nasl - Type : ACT_GATHER_INFO
2011-06-30 Name : The remote Fedora host is missing a security update.
File : fedora_2011-8405.nasl - Type : ACT_GATHER_INFO
2011-06-29 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_webkit-1_2_7-update-110622.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1124-1.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1126-1.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1126-2.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1128-1.nasl - Type : ACT_GATHER_INFO
2011-06-12 Name : The remote Fedora host is missing a security update.
File : fedora_2011-4879.nasl - Type : ACT_GATHER_INFO
2011-06-10 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2254.nasl - Type : ACT_GATHER_INFO
2011-06-09 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_vino-110518.nasl - Type : ACT_GATHER_INFO
2011-06-09 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_vino-7532.nasl - Type : ACT_GATHER_INFO
2011-05-28 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2011-086-03.nasl - Type : ACT_GATHER_INFO
2011-05-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2238.nasl - Type : ACT_GATHER_INFO
2011-05-18 Name : The remote Fedora host is missing a security update.
File : fedora_2011-6773.nasl - Type : ACT_GATHER_INFO
2011-05-18 Name : The remote Fedora host is missing a security update.
File : fedora_2011-6778.nasl - Type : ACT_GATHER_INFO
2011-05-17 Name : The remote Mandriva Linux host is missing a security update.
File : mandriva_MDVSA-2011-087.nasl - Type : ACT_GATHER_INFO
2011-05-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_libwebkit-110223.nasl - Type : ACT_GATHER_INFO
2011-05-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_vino-110509.nasl - Type : ACT_GATHER_INFO
2011-05-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0486.nasl - Type : ACT_GATHER_INFO
2011-05-06 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_rsync-110404.nasl - Type : ACT_GATHER_INFO
2011-05-06 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_rsync-110404.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0486.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_libwebkit-110111.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_xorg-x11-110405.nasl - Type : ACT_GATHER_INFO
2011-04-22 Name : The remote Mandriva Linux host is missing a security update.
File : mandriva_MDVSA-2011-076.nasl - Type : ACT_GATHER_INFO
2011-04-20 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0432.nasl - Type : ACT_GATHER_INFO
2011-04-19 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2219.nasl - Type : ACT_GATHER_INFO
2011-04-18 Name : The remote Fedora host is missing a security update.
File : fedora_2011-4984.nasl - Type : ACT_GATHER_INFO
2011-04-15 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2011-0433.nasl - Type : ACT_GATHER_INFO
2011-04-15 Name : The remote Fedora host is missing a security update.
File : fedora_2011-4351.nasl - Type : ACT_GATHER_INFO
2011-04-15 Name : The remote Fedora host is missing a security update.
File : fedora_2011-4871.nasl - Type : ACT_GATHER_INFO
2011-04-15 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_2eccb24f61c011e0b1990015f2db7bde.nasl - Type : ACT_GATHER_INFO
2011-04-13 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12700.nasl - Type : ACT_GATHER_INFO
2011-04-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xorg-x11-7417.nasl - Type : ACT_GATHER_INFO
2011-04-12 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2011-096-01.nasl - Type : ACT_GATHER_INFO
2011-04-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0432.nasl - Type : ACT_GATHER_INFO
2011-04-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0433.nasl - Type : ACT_GATHER_INFO
2011-04-11 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2213.nasl - Type : ACT_GATHER_INFO
2011-04-11 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-070.nasl - Type : ACT_GATHER_INFO
2011-04-08 Name : The remote Fedora host is missing a security update.
File : fedora_2011-4413.nasl - Type : ACT_GATHER_INFO
2011-04-08 Name : The remote Fedora host is missing a security update.
File : fedora_2011-4427.nasl - Type : ACT_GATHER_INFO
2011-04-07 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xorg-x11-110323.nasl - Type : ACT_GATHER_INFO
2011-04-07 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1107-1.nasl - Type : ACT_GATHER_INFO
2011-04-06 Name : The remote Fedora host is missing a security update.
File : fedora_2011-4389.nasl - Type : ACT_GATHER_INFO
2011-04-06 Name : The remote Mandriva Linux host is missing a security update.
File : mandriva_MDVSA-2011-066.nasl - Type : ACT_GATHER_INFO
2011-04-05 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-063.nasl - Type : ACT_GATHER_INFO
2011-04-04 Name : The remote Fedora host is missing a security update.
File : fedora_2011-4335.nasl - Type : ACT_GATHER_INFO
2011-03-31 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1099-1.nasl - Type : ACT_GATHER_INFO
2011-03-30 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_c6fbd44759ed11e08d040015f2db7bde.nasl - Type : ACT_GATHER_INFO
2011-03-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2205.nasl - Type : ACT_GATHER_INFO
2011-03-29 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0390.nasl - Type : ACT_GATHER_INFO
2011-03-29 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0395.nasl - Type : ACT_GATHER_INFO
2011-03-11 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2188.nasl - Type : ACT_GATHER_INFO
2011-03-03 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-039.nasl - Type : ACT_GATHER_INFO
2011-02-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2164.nasl - Type : ACT_GATHER_INFO
2011-02-18 Name : The remote Fedora host is missing a security update.
File : fedora_2011-1224.nasl - Type : ACT_GATHER_INFO
2011-02-16 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1065-1.nasl - Type : ACT_GATHER_INFO
2011-02-11 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_35ecdcbe350111e0afcd0015f2db7bde.nasl - Type : ACT_GATHER_INFO
2011-01-26 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0177.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_lvm2-clvm2-100820.nasl - Type : ACT_GATHER_INFO
2011-01-18 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2147.nasl - Type : ACT_GATHER_INFO
2011-01-13 Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : google_chrome_8_0_552_237.nasl - Type : ACT_GATHER_INFO
2011-01-10 Name : The remote Fedora host is missing a security update.
File : fedora_2011-0121.nasl - Type : ACT_GATHER_INFO
2011-01-03 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_06a12e26142e11e0bea20015f2db7bde.nasl - Type : ACT_GATHER_INFO
2010-12-14 Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : google_chrome_8_0_552_224.nasl - Type : ACT_GATHER_INFO
2010-12-03 Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : google_chrome_8_0_552_215.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_lvm2-100730.nasl - Type : ACT_GATHER_INFO
2010-11-28 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-241.nasl - Type : ACT_GATHER_INFO
2010-11-18 Name : The remote host contains a web browser that is affected by several vulnerabil...
File : macosx_Safari5_0_3.nasl - Type : ACT_GATHER_INFO
2010-11-18 Name : The remote host contains a web browser that is affected by several vulnerabil...
File : safari_5_0_3.nasl - Type : ACT_GATHER_INFO
2010-11-05 Name : The remote Fedora host is missing a security update.
File : fedora_2010-16762.nasl - Type : ACT_GATHER_INFO
2010-11-04 Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : google_chrome_7_0_517_44.nasl - Type : ACT_GATHER_INFO
2010-11-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-16605.nasl - Type : ACT_GATHER_INFO
2010-11-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-16622.nasl - Type : ACT_GATHER_INFO
2010-10-28 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_php5-pear-mail-101022.nasl - Type : ACT_GATHER_INFO
2010-10-21 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_e5090d2adbbe11df82f80015f2db7bde.nasl - Type : ACT_GATHER_INFO
2010-10-20 Name : The remote Fedora host is missing a security update.
File : fedora_2010-15957.nasl - Type : ACT_GATHER_INFO
2010-10-20 Name : The remote Fedora host is missing a security update.
File : fedora_2010-15982.nasl - Type : ACT_GATHER_INFO
2010-10-20 Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : google_chrome_7_0_517_41.nasl - Type : ACT_GATHER_INFO
2010-10-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1006-1.nasl - Type : ACT_GATHER_INFO
2010-10-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1001-1.nasl - Type : ACT_GATHER_INFO
2010-10-06 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-193.nasl - Type : ACT_GATHER_INFO
2010-09-28 Name : The remote application server is affected by multiple vulnerabilities.
File : websphere_6_1_0_33.nasl - Type : ACT_GATHER_INFO
2010-09-27 Name : The remote Fedora host is missing a security update.
File : fedora_2010-12250.nasl - Type : ACT_GATHER_INFO
2010-09-21 Name : The remote Fedora host is missing a security update.
File : fedora_2010-14419.nasl - Type : ACT_GATHER_INFO
2010-09-16 Name : The remote Fedora host is missing a security update.
File : fedora_2010-14409.nasl - Type : ACT_GATHER_INFO
2010-09-16 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_lvm2-100812.nasl - Type : ACT_GATHER_INFO
2010-09-12 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2010-13708.nasl - Type : ACT_GATHER_INFO
2010-09-12 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_9bcfd7b6bcda11df9a6a0015f2db7bde.nasl - Type : ACT_GATHER_INFO
2010-09-08 Name : The remote host contains a web browser that is affected by several vulnerabil...
File : macosx_Safari5_0_2.nasl - Type : ACT_GATHER_INFO
2010-09-08 Name : The remote host contains a web browser that is affected by several vulnerabil...
File : safari_5_0_2.nasl - Type : ACT_GATHER_INFO
2010-09-07 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-171.nasl - Type : ACT_GATHER_INFO
2010-09-02 Name : The remote Fedora host is missing a security update.
File : fedora_2010-13239.nasl - Type : ACT_GATHER_INFO
2010-09-02 Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : google_chrome_6_0_472_53.nasl - Type : ACT_GATHER_INFO
2010-09-02 Name : The remote host contains an application that has multiple vulnerabilities.
File : itunes_10_0.nasl - Type : ACT_GATHER_INFO
2010-09-02 Name : The remote host contains a multimedia application that has multiple vulnerabi...
File : itunes_10_0_banner.nasl - Type : ACT_GATHER_INFO
2010-08-27 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2095.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2010-0567.nasl - Type : ACT_GATHER_INFO
2010-07-28 Name : The remote host contains a web browser that is affected by several vulnerabil...
File : macosx_Safari5_0_1.nasl - Type : ACT_GATHER_INFO
2010-07-28 Name : The remote host contains a web browser that is affected by several vulnerabil...
File : safari_5_0_1.nasl - Type : ACT_GATHER_INFO
2010-07-27 Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : google_chrome_5_0_375_125.nasl - Type : ACT_GATHER_INFO
2010-06-22 Name : The remote application server is affected by multiple vulnerabilities.
File : websphere_7_0_0_11.nasl - Type : ACT_GATHER_INFO
2010-01-26 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-025.nasl - Type : ACT_GATHER_INFO
2009-12-01 Name : The remote Fedora host is missing a security update.
File : fedora_2009-12348.nasl - Type : ACT_GATHER_INFO
2009-12-01 Name : The remote Fedora host is missing a security update.
File : fedora_2009-12395.nasl - Type : ACT_GATHER_INFO
2009-12-01 Name : The remote Fedora host is missing a security update.
File : fedora_2009-12439.nasl - Type : ACT_GATHER_INFO
1999-11-05 Name : The remote web server is affected by a directory traversal vulnerability.
File : web_traversal.nasl - Type : ACT_ATTACK

Alert History

Date Information
2014-12-16 13:25:43
  • Multiple Updates
2014-12-12 05:26:35
  • First insertion