All the vulnerabilites related to FUJITSU - ServerView
jvndb-2006-000633
Vulnerability from jvndb
▼ | Vendor | Product |
---|---|---|
FUJITSU | ServerView |
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000633.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "ServerView, server-monitoring software included with Fujitsu servers, contains a cross-site scripting vulnerability.", "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000633.html", "sec:cpe": { "#text": "cpe:/a:fujitsu:serverview", "@product": "ServerView", "@vendor": "FUJITSU", "@version": "2.2" }, "sec:cvss": { "@score": "4.3", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2006-000633", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN76686161/index.html", "@id": "JVN#76686161", "@source": "JVN" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3579", "@id": "CVE-2006-3579", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3579", "@id": "CVE-2006-3579", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/21011", "@id": "SA21011", "@source": "SECUNIA" }, { "#text": "http://osvdb.org/displayvuln.php?osvdb_id=27105", "@id": "27105", "@source": "OSVDB" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-79", "@title": "Cross-site Scripting(CWE-79)" } ], "title": "ServerView cross-site scripting vulnerability" }
jvndb-2014-000045
Vulnerability from jvndb
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000045.html", "dc:date": "2015-05-08T18:01+09:00", "dcterms:issued": "2014-04-25T15:37+09:00", "dcterms:modified": "2015-05-08T18:01+09:00", "description": "Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated.\r\n\r\nNTT-CERT reported this vulnerability to IPA.\r\n JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.", "link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000045.html", "sec:cpe": [ { "#text": "cpe:/a:apache:struts", "@product": "Apache Struts", "@vendor": "Apache Software Foundation", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:cloud_infrastructure_management_software", "@product": "Cloud Infrastructure Management Software", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:integrated_system_ha_database_ready", "@product": "FUJITSU Integrated System HA Database Ready", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage", "@product": "Interstage", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_application_development_cycle_manager", "@product": "Interstage Application Development Cycle Manager", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_application_framework_suite", "@product": "Interstage Application Framework Suite", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_application_server", "@product": "Interstage Application Server", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_apworks", "@product": "Interstage Apworks", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_business_application_server", "@product": "Interstage Business Application Server", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_interaction_manager", "@product": "Interstage Interaction Manager", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_job_workload_server", "@product": "Interstage Job Workload Server", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_service_integrator", "@product": "Interstage Service Integrator", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_studio", "@product": "Interstage Studio", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:serverview", "@product": "ServerView", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:symfoware", "@product": "Symfoware", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_service_catalog_manager", "@product": "Systemwalker Service Catalog Manager", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_service_quality_coordinator", "@product": "Systemwalker Service Quality Coordinator", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_software_configuration_manager", "@product": "Systemwalker Software Configuration Manager", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:triole", "@product": "TRIOLE", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/o:misc:miraclelinux_asianux_server", "@product": "Asianux Server", "@vendor": "Cybertrust Japan Co., Ltd.", "@version": "2.2" } ], "sec:cvss": { "@score": "7.5", "@severity": "High", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "@version": "2.0" }, "sec:identifier": "JVNDB-2014-000045", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN19294237/index.html", "@id": "JVN#19294237", "@source": "JVN" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094", "@id": "CVE-2014-0094", "@source": "CVE" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112", "@id": "CVE-2014-0112", "@source": "CVE" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0094", "@id": "CVE-2014-0094", "@source": "NVD" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0112", "@id": "CVE-2014-0112", "@source": "NVD" }, { "#text": "http://www.ipa.go.jp/security/ciadr/vul/20140417-struts.html", "@id": "[Updated] Security Alert for Vulnerability in the \"Apache Struts2\" (CVE-2014-0094)(S2-020)", "@source": "IPA SECURITY ALERTS" }, { "#text": "http://www.kb.cert.org/vuls/id/719225", "@id": "VU#719225", "@source": "CERT-VN" }, { "#text": "http://www.konakart.com/downloads/ver-7-3-0-0-whats-new/", "@id": "Ver 7.3.0.0 - What\u2019s New?", "@source": "Related document" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-DesignError", "@title": "No Mapping(CWE-DesignError)" } ], "title": "Apache Struts vulnerable to ClassLoader manipulation" }
jvndb-2006-000634
Vulnerability from jvndb
▼ | Vendor | Product |
---|---|---|
FUJITSU | ServerView |
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000634.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "ServerView, server monitoring software included in Fujitsu servers, contains a directory traversal vulnerability.", "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000634.html", "sec:cpe": { "#text": "cpe:/a:fujitsu:serverview", "@product": "ServerView", "@vendor": "FUJITSU", "@version": "2.2" }, "sec:cvss": { "@score": "4.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2006-000634", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN73368472/index.html", "@id": "JVN#73368472", "@source": "JVN" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3578", "@id": "CVE-2006-3578", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3578", "@id": "CVE-2006-3578", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/21011", "@id": "SA21011", "@source": "SECUNIA" }, { "#text": "http://osvdb.org/displayvuln.php?osvdb_id=27106", "@id": "27106", "@source": "OSVDB" } ], "title": "ServerView directory traversal vulnerability" }
var-201403-0506
Vulnerability from variot
The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method. ** Delete ** This case JVNDB-2014-000045 It was removed because it was found to be duplicated. JVNDB-2014-000045 Please refer to. Apache Struts is prone to a security-bypass vulnerability because it fails to adequately handle user-supplied input. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Apache Struts versions 2.0.0 through 2.3.16 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2014-0007 Synopsis: VMware product updates address security vulnerabilities in Apache Struts library Issue date: 2014-06-24 Updated on: 2014-06-24 (Initial Advisory) CVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112
-
Summary
VMware product updates address security vulnerabilities in Apache Struts library
-
Relevant releases
VMware vCenter Operations Management Suite prior to 5.8.2
-
Problem Description
a. The Apache Struts library is updated to version 2.3.16.2 to address multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0050, CVE-2014-0094, and
CVE-2014-0112 to these issues.
CVE-2014-0112 may lead to remote code execution. This issue was
found to be only partially addressed in CVE-2014-0094.
CVE-2014-0050 may lead to a denial of service condition.
vCenter Operations Management Suite (vCOps) is affected by both
CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112
may lead to remote code execution without authentication.
vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not
by CVE-2014-0112.
Workaround
A workaround for CVE-2014-0112 is documented in VMware Knowledge Base
article 2081470.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
vCOPS 5.8.x any vCOPS 5.8.2
vCOPS 5.7.x any patch pending *
vCO 5.5 any patch pending
vCO 5.1 any patch pending
vCO 4.2 any patch pending
*Customers are advised to apply the workaround or update to vCOps
5.8.2.
- Solution
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
vCenter Operations Management Suite 5.8.2
Downloads and Documentation: https://www.vmware.com/go/download-vcops
- References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112
http://kb.vmware.com/kb/2081470
- Change log
2014-06-24 VMSA-2014-0007 Initial security advisory in conjunction with the release of vCenter Operations Management Suite 5.8.2 on 2014-06-24.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.3.2 (Build 15337) Charset: utf-8
wj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM CZ5+DYZAydCjMwVgtKqoo7Y= =Vwu5 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201403-0506", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "struts", "scope": "lt", "trust": 1.8, "vendor": "apache", "version": "2.3.16.1" }, { "model": "struts", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.0.0" }, { "model": "integrated system ha database ready", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business analytics modeling server" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business process manager analytics" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "extreme transaction processing server" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "mobile manager" }, { "model": "interstage application development cycle manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application framework suite", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage apworks", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage business application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage job workload server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage service integrator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage studio", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "serverview", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "resource orchestrator" }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "analytics server" }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "server" }, { "model": "systemwalker service catalog manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker service quality coordinator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker software configuration manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "triole", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "cloud middle set b set" }, { "model": "cloud infrastructure management software", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.12" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.1" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.14.2" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.0.11.1" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.15.1" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.14" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.15.3" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.14.3" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.15" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.0.11.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.3.0.0" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.11" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.7" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.8" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.4" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.6" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.5" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.14" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.9" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.3.1.0" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.8" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.8.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.4" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.5" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.12" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.6" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.13" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.10" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11.2" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.3.0.5" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2" } ], "sources": [ { "db": "BID", "id": "65999" }, { "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "db": "CNNVD", "id": "CNNVD-201403-191" }, { "db": "NVD", "id": "CVE-2014-0094" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.16.1", "versionStartIncluding": "2.0.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-0094" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Mark Thomas and Przemyslaw Celej", "sources": [ { "db": "BID", "id": "65999" } ], "trust": 0.3 }, "cve": "CVE-2014-0094", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2014-0094", "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2014-0094", "trust": 1.0, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201403-191", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2014-0094", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0094" }, { "db": "CNNVD", "id": "CNNVD-201403-191" }, { "db": "NVD", "id": "CVE-2014-0094" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to \"manipulate\" the ClassLoader via the class parameter, which is passed to the getClass method. ** Delete ** This case JVNDB-2014-000045 It was removed because it was found to be duplicated. JVNDB-2014-000045 Please refer to. Apache Struts is prone to a security-bypass vulnerability because it fails to adequately handle user-supplied input. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. \nApache Struts versions 2.0.0 through 2.3.16 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2014-0007\nSynopsis: VMware product updates address security vulnerabilities in \n Apache Struts library \nIssue date: 2014-06-24\nUpdated on: 2014-06-24 (Initial Advisory)\nCVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware product updates address security vulnerabilities in Apache \n Struts library\n\n2. Relevant releases\n\n VMware vCenter Operations Management Suite prior to 5.8.2\n\n3. Problem Description\n\n a. The Apache Struts library is updated to version 2.3.16.2 to \n address multiple security issues. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2014-0050, CVE-2014-0094, and\n CVE-2014-0112 to these issues. \n\n CVE-2014-0112 may lead to remote code execution. This issue was \n found to be only partially addressed in CVE-2014-0094. \n\n CVE-2014-0050 may lead to a denial of service condition. \n\n vCenter Operations Management Suite (vCOps) is affected by both \n CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112\n may lead to remote code execution without authentication. \n\n vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not \n by CVE-2014-0112. \n\n Workaround\n\n A workaround for CVE-2014-0112 is documented in VMware Knowledge Base\n article 2081470. \n\n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is \n available. \n\n VMware Product\tRunning\tReplace with/\n Product Version\ton\tApply Patch\n ============= =======\t=======\t=================\n vCOPS\t 5.8.x \tany \tvCOPS 5.8.2\n vCOPS 5.7.x any patch pending *\n\n vCO 5.5 any patch pending\n vCO 5.1 any patch pending\n vCO 4.2 any patch pending\n\n *Customers are advised to apply the workaround or update to vCOps\n5.8.2. \n\n4. Solution\n\n Please review the patch/release notes for your product and version \n and verify the checksum of your downloaded file. \n\n vCenter Operations Management Suite 5.8.2\n -----------------------------------------\n Downloads and Documentation:\n https://www.vmware.com/go/download-vcops\n \n5. References\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112\n\n http://kb.vmware.com/kb/2081470\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n 2014-06-24 VMSA-2014-0007\n Initial security advisory in conjunction with the release of vCenter\n Operations Management Suite 5.8.2 on 2014-06-24. \n\n- ------------------------------------------------------------------------\n\n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: Encryption Desktop 10.3.2 (Build 15337)\nCharset: utf-8\n\nwj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM\nCZ5+DYZAydCjMwVgtKqoo7Y=\n=Vwu5\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2014-0094" }, { "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "db": "BID", "id": "65999" }, { "db": "VULMON", "id": "CVE-2014-0094" }, { "db": "PACKETSTORM", "id": "127215" } ], "trust": 2.07 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=41690", "trust": 0.2, "type": "exploit" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0094" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-0094", "trust": 2.9 }, { "db": "SECTRACK", "id": "1029876", "trust": 2.4 }, { "db": "BID", "id": "65999", "trust": 1.9 }, { "db": "PACKETSTORM", "id": "127215", "trust": 1.7 }, { "db": "JVN", "id": "JVN19294237", "trust": 1.6 }, { "db": "SECUNIA", "id": "56440", "trust": 1.6 }, { "db": "SECUNIA", "id": "59178", "trust": 1.6 }, { "db": "JVNDB", "id": "JVNDB-2014-000045", "trust": 1.6 }, { "db": "JVNDB", "id": "JVNDB-2014-001603", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201403-191", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2014-0094", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0094" }, { "db": "BID", "id": "65999" }, { "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "db": "PACKETSTORM", "id": "127215" }, { "db": "CNNVD", "id": "CNNVD-201403-191" }, { "db": "NVD", "id": "CVE-2014-0094" } ] }, "id": "VAR-201403-0506", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.1875 }, "last_update_date": "2024-04-20T19:59:14.400000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "S2-021", "trust": 0.8, "url": "http://struts.apache.org/release/2.3.x/docs/s2-021.html" }, { "title": "S2-020", "trust": 0.8, "url": "http://struts.apache.org/release/2.3.x/docs/s2-020.html" }, { "title": "CVE-2014-0094 \u4ed6 \u306b\u95a2\u3059\u308b\u5f71\u97ff", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/vulnerabilities/cve2014-0094-0114.html" }, { "title": "Interstage BPMA\u4ed6 CVE-2014-0094", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_bpma201401.html" }, { "title": "Interstage Application Development Cycle Manager(ADM): struts\u306e\u8106\u5f31\u6027(CVE-2014-0094) (2014\u5e745\u670827\u65e5)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_aplidevcyclemgr_201401.html" }, { "title": "Symfoware Server\uff08Open\u30a4\u30f3\u30bf\u30d5\u30a7\u30fc\u30b9\uff09: Struts\u306e\u8106\u5f31\u6027(CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116) (2014\u5e746\u67082\u65e5)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html" }, { "title": "struts-2.3.16.1-all", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=48603" }, { "title": "Debian CVElist Bug Report Logs: libstruts1.2-java: CVE-2014-0114", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=96f4091aa31a0ece729fdcb110066df5" }, { "title": "Red Hat: CVE-2014-0094", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0094" }, { "title": "VMware Security Advisories: VMware product updates address security vulnerabilities in Apache Struts library", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=3f8f92a767d3e2773247be2d5077cbee" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - April 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585" }, { "title": "CVE-2014-0094-test-program-for-struts1", "trust": 0.1, "url": "https://github.com/hasegawatadamitsu/cve-2014-0094-test-program-for-struts1 " } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0094" }, { "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "db": "CNNVD", "id": "CNNVD-201403-191" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2014-0094" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "http://www.securitytracker.com/id/1029876" }, { "trust": 1.6, "url": "http://jvn.jp/en/jp/jvn19294237/index.html" }, { "trust": 1.6, "url": "http://www.securityfocus.com/archive/1/532549/100/0/threaded" }, { "trust": 1.6, "url": "http://jvndb.jvn.jp/jvndb/jvndb-2014-000045" }, { "trust": 1.6, "url": "http://www.vmware.com/security/advisories/vmsa-2014-0007.html" }, { "trust": 1.6, "url": "http://www.securityfocus.com/archive/1/531362/100/0/threaded" }, { "trust": 1.6, "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm" }, { "trust": 1.6, "url": "http://secunia.com/advisories/59178" }, { "trust": 1.6, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676706" }, { "trust": 1.6, "url": "http://secunia.com/advisories/56440" }, { "trust": 1.6, "url": "http://www.securityfocus.com/bid/65999" }, { "trust": 1.6, "url": "http://packetstormsecurity.com/files/127215/vmware-security-advisory-2014-0007.html" }, { "trust": 1.6, "url": "http://www.konakart.com/downloads/ver-7-3-0-0-whats-new" }, { "trust": 1.6, "url": "http://struts.apache.org/release/2.3.x/docs/s2-020.html" }, { "trust": 1.6, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "trust": 0.9, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0094" }, { "trust": 0.8, "url": "http://www.ipa.go.jp/security/ciadr/vul/20140417-struts.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0094" }, { "trust": 0.3, "url": "http://struts.apache.org/" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0050" }, { "trust": 0.1, "url": "https://twitter.com/vmwaresrc" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0112" }, { "trust": 0.1, "url": "https://www.vmware.com/support/policies/lifecycle.html" }, { "trust": 0.1, "url": "http://kb.vmware.com/kb/2081470" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0112" }, { "trust": 0.1, "url": "http://kb.vmware.com/kb/1055" }, { "trust": 0.1, "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce" }, { "trust": 0.1, "url": "https://www.vmware.com/support/policies/security_response.html" }, { "trust": 0.1, "url": "http://www.vmware.com/security/advisories" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0050" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0094" }, { "trust": 0.1, "url": "https://www.vmware.com/go/download-vcops" } ], "sources": [ { "db": "BID", "id": "65999" }, { "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "db": "PACKETSTORM", "id": "127215" }, { "db": "CNNVD", "id": "CNNVD-201403-191" }, { "db": "NVD", "id": "CVE-2014-0094" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2014-0094" }, { "db": "BID", "id": "65999" }, { "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "db": "PACKETSTORM", "id": "127215" }, { "db": "CNNVD", "id": "CNNVD-201403-191" }, { "db": "NVD", "id": "CVE-2014-0094" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-03-11T00:00:00", "db": "VULMON", "id": "CVE-2014-0094" }, { "date": "2014-03-06T00:00:00", "db": "BID", "id": "65999" }, { "date": "2014-03-12T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "date": "2014-06-25T21:34:12", "db": "PACKETSTORM", "id": "127215" }, { "date": "2014-03-12T00:00:00", "db": "CNNVD", "id": "CNNVD-201403-191" }, { "date": "2014-03-11T13:00:37.107000", "db": "NVD", "id": "CVE-2014-0094" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-12T00:00:00", "db": "VULMON", "id": "CVE-2014-0094" }, { "date": "2015-07-15T00:14:00", "db": "BID", "id": "65999" }, { "date": "2014-06-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "date": "2019-08-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201403-191" }, { "date": "2019-08-12T21:15:12.140000", "db": "NVD", "id": "CVE-2014-0094" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201403-191" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "** Delete ** Apache Struts of ParametersInterceptor In ClassLoader Vulnerability manipulated", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-001603" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-201403-191" } ], "trust": 0.6 } }
var-201404-0287
Vulnerability from variot
CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. This vulnerability CVE-2014-0094 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The " operation (manipulate)" And any code could be executed. Apache Struts is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Apache Struts versions 2.0.0 through 2.3.16.1 are vulnerable
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201404-0287", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "struts", "scope": "lt", "trust": 1.8, "vendor": "apache", "version": "2.3.16.2" }, { "model": "connections", "scope": "eq", "trust": 1.1, "vendor": "ibm", "version": "5.0" }, { "model": "connections", "scope": "eq", "trust": 1.1, "vendor": "ibm", "version": "4.5" }, { "model": "connections", "scope": "eq", "trust": 1.1, "vendor": "ibm", "version": "4.0" }, { "model": "struts", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.0.0" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.4" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.8" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.7" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.16.1" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.16" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.15.3" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.15.2" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.15.1" }, { "model": "connections", "scope": "lte", "trust": 0.8, "vendor": "ibm", "version": "3.0.1.1" }, { "model": "mysql", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "enterprise monitor 2.3.16" }, { "model": "mysql", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "enterprise monitor 3.0.10" }, { "model": "esmpro/servermanager", "scope": "lte", "trust": 0.8, "vendor": "nec", "version": "ver5.75" }, { "model": "infocage", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "pc security" }, { "model": "infocage", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "security risk management v1.0.0 to v2.1.3" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterprise edition v5.1 to v5.2" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterprise edition v6.1 to v6.5" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "rfid manager enterprise v7.1" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "rfid manager lite v2.0" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "rfid manager standard v2.0" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "standard edition v5.1 to v5.2" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "standard edition v6.1 to v6.5" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "standard-j edition v5.1 to v5.2" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "standard-j edition v6.1 to v6.5" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "web edition v5.1 to v5.2" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "web edition v6.1 to v6.5" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v7.1" }, { "model": "webotx developer", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "\"v8.2 to v8.4 (with developers studio only )\"" }, { "model": "webotx developer", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "\"v9.1 to v9.2 (with developers studio only )\"" }, { "model": "webotx portal", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v8.3 to v8.4" }, { "model": "webotx portal", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v9.1" }, { "model": "integrated system ha database ready", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business analytics modeling server" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business process manager analytics" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "extreme transaction processing server" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "mobile manager" }, { "model": "interstage application development cycle manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application framework suite", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage apworks", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage business application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage job workload server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage service integrator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage studio", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "serverview", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "resource orchestrator" }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "analytics server" }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "server" }, { "model": "systemwalker service catalog manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker service quality coordinator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker software configuration manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "triole", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "cloud middle set b set" }, { "model": "cloud infrastructure management software", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.4.1" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.3" }, { "model": "keybox", "scope": "eq", "trust": 0.3, "vendor": "skavanagh", "version": "2.10.02" }, { "model": "ec2box", "scope": "eq", "trust": 0.3, "vendor": "skavanagh", "version": "0.11.01" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.0.10" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "2.3.16" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "2.3.15" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "2.3.14" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "2.3.13" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.0" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "2.3" }, { "model": "sterling web channel", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "sterling web channel", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "sterling selling and fulfillment foundation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.2.1" }, { "model": "sterling selling and fulfillment foundation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.2" }, { "model": "sterling selling and fulfillment foundation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "sterling selling and fulfillment foundation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "sterling order management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "sterling field sales", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.2.1" }, { "model": "sterling field sales", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.2.0" }, { "model": "sterling field sales", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.0" }, { "model": "sterling field sales", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "platform symphony", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.1" }, { "model": "platform symphony", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "platform symphony", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2" }, { "model": "platform hpc", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.1.1" }, { "model": "platform hpc", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.1" }, { "model": "platform hpc", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.2" }, { "model": "platform cluster manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.1.1" }, { "model": "platform cluster manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.1" }, { "model": "platform cluster manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.2" }, { "model": "platform application center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.2" }, { "model": "platform application center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.1" }, { "model": "platform application center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "platform application center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.3" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.00" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0.10" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.1.1" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.1.0" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.1" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.5.0.3" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.5.0.2" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.5.0.1" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.5.0.0" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0.1.1" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0.0.0" }, { "model": "clearpass", "scope": "eq", "trust": 0.3, "vendor": "arubanetworks", "version": "6.0.2" }, { "model": "clearpass", "scope": "eq", "trust": 0.3, "vendor": "arubanetworks", "version": "6.0.1" }, { "model": "clearpass", "scope": "eq", "trust": 0.3, "vendor": "arubanetworks", "version": "6.3.0" }, { "model": "clearpass", "scope": "eq", "trust": 0.3, "vendor": "arubanetworks", "version": "6.2.0" }, { "model": "clearpass", "scope": "eq", "trust": 0.3, "vendor": "arubanetworks", "version": "6.1.3" }, { "model": "clearpass", "scope": "eq", "trust": 0.3, "vendor": "arubanetworks", "version": "6.1.0" }, { "model": "clearpass", "scope": "eq", "trust": 0.3, "vendor": "arubanetworks", "version": "5.0" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.41" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.8" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.6" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.5" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.2" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.1" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.14" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.12" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.10" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.9" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.8" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.7" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.6" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.5" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.4" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.3" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.2" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.1" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.15" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.14.3" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.14.2" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.14.1" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.14" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.2" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.1" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3.1" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.4" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.3" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.13" }, { "model": "keybox", "scope": "ne", "trust": 0.3, "vendor": "skavanagh", "version": "2.10.03" }, { "model": "ec2box", "scope": "ne", "trust": 0.3, "vendor": "skavanagh", "version": "0.11.02" }, { "model": "clearpass", "scope": "ne", "trust": 0.3, "vendor": "arubanetworks", "version": "6.3.2" }, { "model": "clearpass", "scope": "ne", "trust": 0.3, "vendor": "arubanetworks", "version": "6.2.6" }, { "model": "clearpass", "scope": "ne", "trust": 0.3, "vendor": "arubanetworks", "version": "6.1.4" }, { "model": "struts", "scope": "ne", "trust": 0.3, "vendor": "apache", "version": "2.3.16.2" } ], "sources": [ { "db": "BID", "id": "67081" }, { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "NVD", "id": "CVE-2014-0113" }, { "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.16.2", "versionStartIncluding": "2.0.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-0113" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Taki Uchiyama, Takeshi Terada, Takayoshi Isayama, Yoshiyuki Karezaki, BAKA/ty, \nShine, NSFOCUS Security Team and heige.", "sources": [ { "db": "BID", "id": "67081" } ], "trust": 0.3 }, "cve": "CVE-2014-0113", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 7.5, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2014-0113", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2014-0113", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201404-570", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2014-0113", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0113" }, { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "NVD", "id": "CVE-2014-0113" }, { "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. This vulnerability CVE-2014-0094 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The \" operation (manipulate)\" And any code could be executed. Apache Struts is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. \nApache Struts versions 2.0.0 through 2.3.16.1 are vulnerable", "sources": [ { "db": "NVD", "id": "CVE-2014-0113" }, { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "BID", "id": "67081" }, { "db": "VULMON", "id": "CVE-2014-0113" } ], "trust": 1.98 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=33142", "trust": 0.1, "type": "exploit" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0113" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-0113", "trust": 2.8 }, { "db": "SECUNIA", "id": "59178", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2014-002269", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201404-570", "trust": 0.6 }, { "db": "BID", "id": "67081", "trust": 0.3 }, { "db": "EXPLOITDB", "id": "33142", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2014-0113", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0113" }, { "db": "BID", "id": "67081" }, { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "NVD", "id": "CVE-2014-0113" }, { "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "id": "VAR-201404-0287", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.1875 }, "last_update_date": "2023-12-18T11:41:25.261000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Security Bulletins S2-021", "trust": 0.8, "url": "https://cwiki.apache.org/confluence/display/ww/s2-021" }, { "title": "Download a Release of Apache Struts -- Full Releases Struts 2.3.16.2", "trust": 0.8, "url": "http://struts.apache.org/download.cgi#struts23162" }, { "title": "1680848", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680848" }, { "title": "1681190", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681190" }, { "title": "NV15-001", "trust": 0.8, "url": "http://jpn.nec.com/security-info/secinfo/nv15-001.html" }, { "title": "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html" }, { "title": "Oracle Critical Patch Update Advisory - April 2015", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "title": "April 2015 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update" }, { "title": "CVE-2014-0094 \u4ed6 \u306b\u95a2\u3059\u308b\u5f71\u97ff", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/vulnerabilities/cve2014-0094-0114.html" }, { "title": "Symfoware Server\uff08Open\u30a4\u30f3\u30bf\u30d5\u30a7\u30fc\u30b9\uff09: Struts\u306e\u8106\u5f31\u6027(CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116) (2014\u5e746\u67082\u65e5)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html" }, { "title": "FUJITSU Integrated System HA Database Ready: Struts2\u306e\u8106\u5f31\u6027(CVE-2014-0094,CVE-2014-0112,CVE-2014-0113,CVE-2014-0116) (2014\u5e746\u670819\u65e5)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/ha_db_ready_201401.html" }, { "title": "struts-2.3.16.2-all", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49668" }, { "title": "Red Hat: CVE-2014-0113", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0113" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - April 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585" }, { "title": "-maven-security-versions", "trust": 0.1, "url": "https://github.com/nagauker/-maven-security-versions " }, { "title": "maven-security-versions-Travis", "trust": 0.1, "url": "https://github.com/klee94/maven-security-versions-travis " }, { "title": "maven-security-versions", "trust": 0.1, "url": "https://github.com/victims/maven-security-versions " }, { "title": "victims", "trust": 0.1, "url": "https://github.com/tmpgit3000/victims " }, { "title": "victims", "trust": 0.1, "url": "https://github.com/alexsh88/victims " } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0113" }, { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "NVD", "id": "CVE-2014-0113" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "trust": 2.0, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676706" }, { "trust": 1.7, "url": "https://cwiki.apache.org/confluence/display/ww/s2-021" }, { "trust": 1.7, "url": "http://secunia.com/advisories/59178" }, { "trust": 1.7, "url": "http://www.securityfocus.com/archive/1/531952/100/0/threaded" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0113" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0113" }, { "trust": 0.3, "url": "http://www.arubanetworks.com/support/alerts/aid-051414.asc" }, { "trust": 0.3, "url": "https://github.com/skavanagh/ec2box/releases/tag/v0.11.02" }, { "trust": 0.3, "url": "https://github.com/skavanagh/keybox/releases/tag/v2.10.03" }, { "trust": 0.3, "url": "http://struts.apache.org/" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21680848" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020896" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020893" }, { "trust": 0.3, "url": "http://struts.apache.org/development/2.x/docs/s2-021.html" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020894" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020895" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/264.html" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=33975" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://github.com/victims/maven-security-versions" }, { "trust": 0.1, "url": "https://www.exploit-db.com/exploits/33142/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0113" }, { "db": "BID", "id": "67081" }, { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "NVD", "id": "CVE-2014-0113" }, { "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2014-0113" }, { "db": "BID", "id": "67081" }, { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "NVD", "id": "CVE-2014-0113" }, { "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-04-29T00:00:00", "db": "VULMON", "id": "CVE-2014-0113" }, { "date": "2014-04-28T00:00:00", "db": "BID", "id": "67081" }, { "date": "2014-04-30T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "date": "2014-04-29T10:37:03.700000", "db": "NVD", "id": "CVE-2014-0113" }, { "date": "2014-04-30T00:00:00", "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-12T00:00:00", "db": "VULMON", "id": "CVE-2014-0113" }, { "date": "2015-05-07T17:38:00", "db": "BID", "id": "67081" }, { "date": "2016-08-02T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "date": "2019-08-12T21:15:12.563000", "db": "NVD", "id": "CVE-2014-0113" }, { "date": "2019-08-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201404-570" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache Struts of CookieInterceptor In ClassLoader Vulnerability manipulated", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-002269" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control issues", "sources": [ { "db": "CNNVD", "id": "CNNVD-201404-570" } ], "trust": 0.6 } }
var-201112-0123
Vulnerability from variot
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869. Some programming language implementations do not sufficiently randomize their hash functions or provide means to limit key collision attacks, which can be leveraged by an unauthenticated attacker to cause a denial-of-service (DoS) condition. Oracle Glassfish Calculates the hash value of the form parameter without restricting the assumption of hash collision. (CPU Resource consumption ) There is a vulnerability that becomes a condition.A third party can send a large amount of crafted parameters to disrupt service operation. (CPU Resource consumption ) There is a possibility of being put into a state. Oracle GlassFish Server is prone to a denial-of-service vulnerability. An attacker can exploit this issue by sending specially crafted forms in HTTP POST requests. Oracle GlassFish Server 3.1.1 and prior versions are vulnerable. Content-Disposition: inline
==========================================================================Ubuntu Security Notice USN-1373-1 February 24, 2012
openjdk-6 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
Summary:
Multiple OpenJDK 6 vulnerabilities have been fixed.
Software Description: - openjdk-6: Open Source Java implementation
Details:
It was discovered that the Java HttpServer class did not limit the number of headers read from a HTTP request. A remote attacker could cause a denial of service by sending special requests that trigger hash collisions predictably. (CVE-2011-5035)
ATTENTION: this update changes previous Java HttpServer class behavior by limiting the number of request headers to 200. This may be increased by adjusting the sun.net.httpserver.maxReqHeaders property.
It was discovered that the Java Sound component did not properly check buffer boundaries. A remote attacker could use this to cause a denial of service or view confidential data. (CVE-2011-3563)
It was discovered that the Java2D implementation does not properly check graphics rendering objects before passing them to the native renderer. A remote attacker could use this to cause a denial of service or to bypass Java sandbox restrictions. (CVE-2012-0497)
It was discovered that an off-by-one error exists in the Java ZIP file processing code. An attacker could us this to cause a denial of service through a maliciously crafted ZIP file. (CVE-2012-0501)
It was discovered that the Java AWT KeyboardFocusManager did not properly enforce keyboard focus security policy. A remote attacker could use this with an untrusted application or applet to grab keyboard focus and possibly expose confidential data. (CVE-2012-0502)
It was discovered that the Java TimeZone class did not properly enforce security policy around setting the default time zone. A remote attacker could use this with an untrusted application or applet to set a new default time zone and bypass Java sandbox restrictions. (CVE-2012-0503)
It was discovered the Java ObjectStreamClass did not throw an accurately identifiable exception when a deserialization failure occurred. A remote attacker could use this with an untrusted application or applet to bypass Java sandbox restrictions. (CVE-2012-0505)
It was discovered that the Java CORBA implementation did not properly protect repository identifiers on certain CORBA objects. A remote attacker could use this to corrupt object data. (CVE-2012-0506)
It was discovered that the Java AtomicReferenceArray class implementation did not properly check if an array was of the expected Object[] type. A remote attacker could use this with a malicious application or applet to bypass Java sandbox restrictions. (CVE-2012-0507)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.10: icedtea-6-jre-cacao 6b23~pre11-0ubuntu1.11.10.2 icedtea-6-jre-jamvm 6b23~pre11-0ubuntu1.11.10.2 openjdk-6-jre 6b23~pre11-0ubuntu1.11.10.2 openjdk-6-jre-headless 6b23~pre11-0ubuntu1.11.10.2 openjdk-6-jre-lib 6b23~pre11-0ubuntu1.11.10.2 openjdk-6-jre-zero 6b23~pre11-0ubuntu1.11.10.2
Ubuntu 11.04: icedtea-6-jre-cacao 6b22-1.10.6-0ubuntu1 icedtea-6-jre-jamvm 6b22-1.10.6-0ubuntu1 openjdk-6-jre 6b22-1.10.6-0ubuntu1 openjdk-6-jre-headless 6b22-1.10.6-0ubuntu1 openjdk-6-jre-lib 6b22-1.10.6-0ubuntu1 openjdk-6-jre-zero 6b22-1.10.6-0ubuntu1
Ubuntu 10.10: icedtea-6-jre-cacao 6b20-1.9.13-0ubuntu1~10.10.1 openjdk-6-jre 6b20-1.9.13-0ubuntu1~10.10.1 openjdk-6-jre-headless 6b20-1.9.13-0ubuntu1~10.10.1 openjdk-6-jre-lib 6b20-1.9.13-0ubuntu1~10.10.1 openjdk-6-jre-zero 6b20-1.9.13-0ubuntu1~10.10.1
Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b20-1.9.13-0ubuntu1~10.04.1 openjdk-6-jre 6b20-1.9.13-0ubuntu1~10.04.1 openjdk-6-jre-headless 6b20-1.9.13-0ubuntu1~10.04.1 openjdk-6-jre-lib 6b20-1.9.13-0ubuntu1~10.04.1 openjdk-6-jre-zero 6b20-1.9.13-0ubuntu1~10.04.1
After a standard system update you need to restart any Java applications or applets to make all the necessary changes.
Release Date: 2012-03-26 Last Updated: 2012-04-02
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 6.0.13 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2011-3563 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2011-5035 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0497 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0498 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0499 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0500 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0501 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0502 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2012-0503 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-0504 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2012-0505 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-0506 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2012-0507 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrades to resolve these vulnerabilities. The upgrades are available from the following location
http://www.hp.com/go/java
HP-UX B.11.11, B.11.23, B.11.31 JDK and JRE v6.0.14 or subsequent
MANUAL ACTIONS: Yes - Update For Java v6.0.13 and earlier, update to Java v6.0.14 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 =========== Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS Jre60.JRE60-PA20 Jre60.JRE60-PA20-HS Jre60.JRE60-PA20W Jre60.JRE60-PA20W-HS Jdk60.JDK60-COM Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jdk60.JDK60-PA20 Jdk60.JDK60-PA20W action: install revision 1.6.0.14.00 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) 27 March 2012 Initial release Version:2 (rev.2) 2 April 2012 corrected CVE-2012-0507 score
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Background
IcedTea is a distribution of the Java OpenJDK source code built with free build tools.
CVE-2011-3377 The Iced Tea browser plugin included in the openjdk-6 package does not properly enforce the Same Origin Policy on web content served under a domain name which has a common suffix with the required domain name. This could lead to JVM crash or Java sandbox bypass.
CVE-2012-0505 The Java serialization code leaked references to serialization exceptions, possibly leaking critical objects to untrusted code in Java applets and applications. This could have been used to perform modification of the data that should have been immutable.
For the testing distribution (wheezy) and the unstable distribution (sid), these problems have been fixed in version 6b24-1.11.1-1.
We recommend that you upgrade your openjdk-6 packages. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-30
http://security.gentoo.org/
Severity: High Title: Oracle JRE/JDK: Multiple vulnerabilities Date: January 27, 2014 Bugs: #404071, #421073, #433094, #438706, #451206, #455174, #458444, #460360, #466212, #473830, #473980, #488210, #498148 ID: 201401-30
Synopsis
Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable! 2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 * 3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable! 4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 * 5 app-emulation/emul-linux-x86-java < 1.7.0.51 >= 1.7.0.51 * ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 5 affected packages
Description
Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details.
Impact
An unauthenticated, remote attacker could exploit these vulnerabilities to execute arbitrary code. Furthermore, a local or remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code.
Workaround
There is no known workaround at this time.
Resolution
All Oracle JDK 1.7 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"
All Oracle JRE 1.7 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"
All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version:
# emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"
All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea.
NOTE: As Oracle has revoked the DLJ license for its Java implementation, the packages can no longer be updated automatically.
References
[ 1 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 2 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 3 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 4 ] CVE-2012-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498 [ 5 ] CVE-2012-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499 [ 6 ] CVE-2012-0500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500 [ 7 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 8 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 9 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 10 ] CVE-2012-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504 [ 11 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 12 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 13 ] CVE-2012-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507 [ 14 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 15 ] CVE-2012-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531 [ 16 ] CVE-2012-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532 [ 17 ] CVE-2012-1533 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533 [ 18 ] CVE-2012-1541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541 [ 19 ] CVE-2012-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682 [ 20 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 21 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 22 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 23 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 24 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 25 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 26 ] CVE-2012-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721 [ 27 ] CVE-2012-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722 [ 28 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 29 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 30 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 31 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 32 ] CVE-2012-3136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136 [ 33 ] CVE-2012-3143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143 [ 34 ] CVE-2012-3159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159 [ 35 ] CVE-2012-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174 [ 36 ] CVE-2012-3213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213 [ 37 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 38 ] CVE-2012-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342 [ 39 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 40 ] CVE-2012-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681 [ 41 ] CVE-2012-5067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067 [ 42 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 43 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 44 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 45 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 46 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 47 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 48 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 49 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 50 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 51 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 52 ] CVE-2012-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079 [ 53 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 54 ] CVE-2012-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083 [ 55 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 56 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 57 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 58 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 59 ] CVE-2012-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088 [ 60 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 61 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 62 ] CVE-2013-0351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351 [ 63 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 64 ] CVE-2013-0402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402 [ 65 ] CVE-2013-0409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409 [ 66 ] CVE-2013-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419 [ 67 ] CVE-2013-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422 [ 68 ] CVE-2013-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423 [ 69 ] CVE-2013-0430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430 [ 70 ] CVE-2013-0437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437 [ 71 ] CVE-2013-0438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438 [ 72 ] CVE-2013-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445 [ 73 ] CVE-2013-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446 [ 74 ] CVE-2013-0448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448 [ 75 ] CVE-2013-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449 [ 76 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 77 ] CVE-2013-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473 [ 78 ] CVE-2013-1479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479 [ 79 ] CVE-2013-1481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481 [ 80 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 81 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 82 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 83 ] CVE-2013-1487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487 [ 84 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 85 ] CVE-2013-1491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491 [ 86 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 87 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 88 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 89 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 90 ] CVE-2013-1540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540 [ 91 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 92 ] CVE-2013-1558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558 [ 93 ] CVE-2013-1561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561 [ 94 ] CVE-2013-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563 [ 95 ] CVE-2013-1564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564 [ 96 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 97 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 98 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 99 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 100 ] CVE-2013-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394 [ 101 ] CVE-2013-2400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400 [ 102 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 103 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 104 ] CVE-2013-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414 [ 105 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 106 ] CVE-2013-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416 [ 107 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 108 ] CVE-2013-2418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418 [ 109 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 110 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 111 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 112 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 113 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 114 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 115 ] CVE-2013-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425 [ 116 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 117 ] CVE-2013-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427 [ 118 ] CVE-2013-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428 [ 119 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 120 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 121 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 122 ] CVE-2013-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432 [ 123 ] CVE-2013-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433 [ 124 ] CVE-2013-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434 [ 125 ] CVE-2013-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435 [ 126 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 127 ] CVE-2013-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437 [ 128 ] CVE-2013-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438 [ 129 ] CVE-2013-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439 [ 130 ] CVE-2013-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440 [ 131 ] CVE-2013-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442 [ 132 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 133 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 134 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 135 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 136 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 137 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 138 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 139 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 140 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 141 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 142 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 143 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 144 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 145 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 146 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 147 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 148 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 149 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 150 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 151 ] CVE-2013-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462 [ 152 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 153 ] CVE-2013-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464 [ 154 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 155 ] CVE-2013-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466 [ 156 ] CVE-2013-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467 [ 157 ] CVE-2013-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468 [ 158 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 159 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 160 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 161 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 162 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 163 ] CVE-2013-3743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743 [ 164 ] CVE-2013-3744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744 [ 165 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 166 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 167 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 168 ] CVE-2013-5775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775 [ 169 ] CVE-2013-5776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776 [ 170 ] CVE-2013-5777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777 [ 171 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 172 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 173 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 174 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 175 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 176 ] CVE-2013-5787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787 [ 177 ] CVE-2013-5788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788 [ 178 ] CVE-2013-5789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789 [ 179 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 180 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 181 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 182 ] CVE-2013-5801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801 [ 183 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 184 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 185 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 186 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 187 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 188 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 189 ] CVE-2013-5810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810 [ 190 ] CVE-2013-5812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812 [ 191 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 192 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 193 ] CVE-2013-5818 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818 [ 194 ] CVE-2013-5819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819 [ 195 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 196 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 197 ] CVE-2013-5824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824 [ 198 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 199 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 200 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 201 ] CVE-2013-5831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831 [ 202 ] CVE-2013-5832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832 [ 203 ] CVE-2013-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838 [ 204 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 205 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 206 ] CVE-2013-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843 [ 207 ] CVE-2013-5844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844 [ 208 ] CVE-2013-5846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846 [ 209 ] CVE-2013-5848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848 [ 210 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 211 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 212 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 213 ] CVE-2013-5852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852 [ 214 ] CVE-2013-5854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854 [ 215 ] CVE-2013-5870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870 [ 216 ] CVE-2013-5878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878 [ 217 ] CVE-2013-5887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887 [ 218 ] CVE-2013-5888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888 [ 219 ] CVE-2013-5889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889 [ 220 ] CVE-2013-5893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893 [ 221 ] CVE-2013-5895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895 [ 222 ] CVE-2013-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896 [ 223 ] CVE-2013-5898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898 [ 224 ] CVE-2013-5899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899 [ 225 ] CVE-2013-5902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902 [ 226 ] CVE-2013-5904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904 [ 227 ] CVE-2013-5905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905 [ 228 ] CVE-2013-5906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906 [ 229 ] CVE-2013-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907 [ 230 ] CVE-2013-5910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910 [ 231 ] CVE-2014-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368 [ 232 ] CVE-2014-0373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373 [ 233 ] CVE-2014-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375 [ 234 ] CVE-2014-0376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376 [ 235 ] CVE-2014-0382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382 [ 236 ] CVE-2014-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385 [ 237 ] CVE-2014-0387 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387 [ 238 ] CVE-2014-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403 [ 239 ] CVE-2014-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408 [ 240 ] CVE-2014-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410 [ 241 ] CVE-2014-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411 [ 242 ] CVE-2014-0415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415 [ 243 ] CVE-2014-0416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416 [ 244 ] CVE-2014-0417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417 [ 245 ] CVE-2014-0418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418 [ 246 ] CVE-2014-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422 [ 247 ] CVE-2014-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423 [ 248 ] CVE-2014-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424 [ 249 ] CVE-2014-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-30.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
Secunia is hiring!
Find your next job here:
http://secunia.com/company/jobs/
TITLE: Oracle Multiple Products Web Form Hash Collision Denial of Service Vulnerability
SECUNIA ADVISORY ID: SA47819
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47819/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47819
RELEASE DATE: 2012-02-01
DISCUSS ADVISORY: http://secunia.com/advisories/47819/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47819/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47819
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in multiple Oracle products, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error within a hash generation function when hashing form posts and updating a hash table.
The vulnerability is reported in the following products: * Oracle Application Server 10g Release 3 version 10.1.3.5.0. * Oracle iPlanet Web Server 7.0. * Oracle iPlanet Web Server (formerly Oracle Java System Web Server) 6.1.
SOLUTION: Apply patch.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-sun security update Advisory ID: RHSA-2012:0139-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0139.html Issue date: 2012-02-16 CVE Names: CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0498 CVE-2012-0499 CVE-2012-0500 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 =====================================================================
- Summary:
Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit.
This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch page, listed in the References section. (CVE-2011-3563, CVE-2011-3571, CVE-2011-5035, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506)
All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide JDK and JRE 6 Update 31 and resolve these issues. All running instances of Sun Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
788606 - CVE-2011-5035 OpenJDK: HttpServer no header count limit (Lightweight HTTP Server, 7126960) 788624 - CVE-2012-0501 OpenJDK: off-by-one bug in ZIP reading code (JRE, 7118283) 788976 - CVE-2012-0503 OpenJDK: unrestricted use of TimeZone.setDefault() (i18n, 7110687) 788994 - CVE-2011-3571 OpenJDK: AtomicReferenceArray insufficient array type check (Concurrency, 7082299) 789295 - CVE-2011-3563 OpenJDK: JavaSound incorrect bounds check (Sound, 7088367) 789297 - CVE-2012-0502 OpenJDK: KeyboardFocusManager focus stealing (AWT, 7110683) 789299 - CVE-2012-0505 OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700) 789300 - CVE-2012-0506 OpenJDK: mutable repository identifiers (CORBA, 7110704) 790720 - CVE-2012-0498 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D) 790722 - CVE-2012-0499 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D) 790724 - CVE-2012-0500 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (Deployment)
- Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm
Red Hat Desktop version 4 Extras:
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.i686.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.i686.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.i686.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-3563.html https://www.redhat.com/security/data/cve/CVE-2011-3571.html https://www.redhat.com/security/data/cve/CVE-2011-5035.html https://www.redhat.com/security/data/cve/CVE-2012-0498.html https://www.redhat.com/security/data/cve/CVE-2012-0499.html https://www.redhat.com/security/data/cve/CVE-2012-0500.html https://www.redhat.com/security/data/cve/CVE-2012-0501.html https://www.redhat.com/security/data/cve/CVE-2012-0502.html https://www.redhat.com/security/data/cve/CVE-2012-0503.html https://www.redhat.com/security/data/cve/CVE-2012-0505.html https://www.redhat.com/security/data/cve/CVE-2012-0506.html https://access.redhat.com/security/updates/classification/#critical http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html http://www.oracle.com/technetwork/java/javase/6u31-relnotes-1482342.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFPPVa5XlSAg2UNWIIRAn6xAJ932rg7KVwp+jyL7jwxMvOiZHAqtQCgmt4n dZEXYZPhMUvix7Sd5jUeKng= =Czkl -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . HP has updated the Apache Tomcat and Oracle database software to address vulnerabilities affecting confidentiality, availability, and integrity
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201112-0123", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "glassfish server", "scope": "eq", "trust": 2.7, "vendor": "oracle", "version": "3.0.1" }, { "model": "glassfish server", "scope": "eq", "trust": 2.7, "vendor": "oracle", "version": "2.1.1" }, { "model": "glassfish server", "scope": "eq", "trust": 1.7, "vendor": "oracle", "version": "3.1.1" }, { "model": "communications server", "scope": "eq", "trust": 1.1, "vendor": "oracle", "version": "2.0" }, { "model": "weblogic server", "scope": "eq", "trust": 1.1, "vendor": "oracle", "version": "10.3.4" }, { "model": "weblogic server", "scope": "eq", "trust": 1.1, "vendor": "oracle", "version": "9.2.4" }, { "model": "weblogic server", "scope": "eq", "trust": 1.1, "vendor": "oracle", "version": "10.0.2" }, { "model": "glassfish server", "scope": "lte", "trust": 1.0, "vendor": "oracle", "version": "3.1.1" }, { "model": "jre 1.6.0 03", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 17", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.6.0 30", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 18", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 1.6.0 22", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 05", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.6.0 28", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 14", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.6.0 21", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 20", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 1.6.0 25", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 07", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.6.0 18", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 27", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 19", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 03", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 17", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.7.0 2", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 10", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.7.0 2", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 14", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 04", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 04", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.6.0 25", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 27", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 15", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 30", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 12", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.7" }, { "model": "jre 1.6.0 02", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.6.0 23", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 01", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 06", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.6.0 19", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 1.6.0 15", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 07", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.6.0 28", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 23", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 11", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 13", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.6.0 02", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 05", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.6.0 26", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 26", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 21", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 1.6.0 24", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 06", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 11", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 10", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk", "scope": "eq", "trust": 0.9, "vendor": "oracle", "version": "1.7" }, { "model": "jdk 1.6.0 22", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 24", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 13", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": null, "scope": null, "trust": 0.8, "vendor": "apache tomcat", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "microsoft", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "oracle", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "ruby", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "the php group", "version": null }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.6.8" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.7.3" }, { "model": "mac os x server", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.6.8" }, { "model": "mac os x server", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.7.3" }, { "model": "java system web server", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "6.1" }, { "model": "application server", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "10g r3 (10.1.3.5.0)" }, { "model": "iplanet web server", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "7.0" }, { "model": "jrockit", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "27.7.1" }, { "model": "jrockit", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "28.2.2" }, { "model": "sun java system application server", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "8.1" }, { "model": "sun java system application server", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "8.2" }, { "model": "weblogic server", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "11gr1 (10.3.3" }, { "model": "weblogic server", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "10.3.5)" }, { "model": "weblogic server", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "12cr1 (12.1.1)" }, { "model": "hp xp p9000 performance advisor software", "scope": "lte", "trust": 0.8, "vendor": "hewlett packard", "version": "5.4.1" }, { "model": "cosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "enterprise version 6" }, { "model": "cosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "standard version 6" }, { "model": "cosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "version 5" }, { "model": "cosminexus client", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "version 6" }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "light version 6" }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "professional version 6" }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "standard version 6" }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "version 5" }, { "model": "cosminexus developer\u0027s kit for java", "scope": null, "trust": 0.8, "vendor": "hitachi", "version": null }, { "model": "cosminexus primary server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "base" }, { "model": "cosminexus server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "- standard edition version 4" }, { "model": "cosminexus server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "- web edition version 4" }, { "model": "cosminexus studio", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "- standard edition version 4" }, { "model": "cosminexus studio", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "- web edition version 4" }, { "model": "cosminexus studio", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "version 5" }, { "model": "hirdb for java /xml", "scope": null, "trust": 0.8, "vendor": "hitachi", "version": null }, { "model": "developer\u0027s kit for java", "scope": null, "trust": 0.8, "vendor": "hitachi", "version": null }, { "model": "processing kit for xml", "scope": null, "trust": 0.8, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "enterprise" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "express" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "light" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "smart edition" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "standard" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "standard-r" }, { "model": "ucosminexus client", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "none" }, { "model": "ucosminexus client", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "for plug-in" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "01" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "light" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "professional" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "professional for plug-in" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "standard" }, { "model": "ucosminexus operator", "scope": null, "trust": 0.8, "vendor": "hitachi", "version": null }, { "model": "ucosminexus portal framework", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "entry set" }, { "model": "ucosminexus primary server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "base" }, { "model": "ucosminexus service", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "architect" }, { "model": "ucosminexus service", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "platform" }, { "model": "ucosminexus service", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "platform - messaging" }, { "model": "internet navigware server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application development cycle manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application framework suite", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "none" }, { "model": "interstage application server", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "plus developer / apworks / studio" }, { "model": "interstage business application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage form coordinator workflow", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage job workload server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage list manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage list works", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage service integrator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage shunsaku data manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage web server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage xml business activity recorder", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "serverview", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "resource orchestrator cloud edition" }, { "model": "success server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker availability view", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker desktop inspection", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker it change manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker it process master", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker operation manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker runbook automation", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker service catalog manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker service quality coordinator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker software configuration manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "jdk 01-b06", "scope": "eq", "trust": 0.6, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.6.0 2", "scope": null, "trust": 0.6, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 01", "scope": null, "trust": 0.6, "vendor": "sun", "version": null }, { "model": "jre 1.6.0 20", "scope": null, "trust": 0.6, "vendor": "sun", "version": null }, { "model": "weblogic server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.3.5.0" }, { "model": "jrockit r28.2.2", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "java se sr8 fp1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6" }, { "model": "java system web server sp9", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.1" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "linux enterprise sdk sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "jrockit r27.6.0-50", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "1.5.015" }, { "model": "processing kit for xml", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "nonstop server h06.16.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.19.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "enterprise linux as extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.7" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.10" }, { "model": "jdk 01", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6" }, { "model": "cosminexus studio web edition", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "-0" }, { "model": "nonstop server j06.08.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.15.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "meeting exchange sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.06" }, { "model": "java se", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "java se", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "cosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "java ibm 64-bit sdk for z/os", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "nonstop server j06.06.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "jdk and jre", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "java system web server sp7", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.1" }, { "model": "nonstop server j06.14", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "jrockit r27.6.2", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "jrockit r27.6.5", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.8" }, { "model": "nonstop server j06.09.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.26", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "glassfish server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "1.0" }, { "model": "nonstop server j06.04.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura system platform sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.10" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.7.2" }, { "model": "nonstop server j06.13", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "linux enterprise server sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "weblogic server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "12.1.10" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "enterprise linux extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2010.1" }, { "model": "nonstop server j06.09.04", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "iplanet web server", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "7.0" }, { "model": "ucosminexus operator", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "linux enterprise server sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.2" }, { "model": "meeting exchange sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "aura application server sip core", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "53002.0" }, { "model": "meeting exchange", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0.0.52" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "java system application server", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "8.2" }, { "model": "cosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.0" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "nonstop server h06.18.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.15.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.22.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.014" }, { "model": "cosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "nonstop server j06.12.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "ir", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "jrockit r27.6.9", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "nonstop server j06.05.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.011" }, { "model": "nonstop server j06.08.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.09.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "jrockit r27.6.3", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "nonstop server j06.16", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "ucosminexus client for plug-in", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "java se sr6", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "nonstop server j6.0.14.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.2.2" }, { "model": "enterprise linux desktop supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "meeting exchange sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "jrockit r27.1.0", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.3" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "010" }, { "model": "enterprise linux supplementary server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "glassfish server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "2.0" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.2" }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "jrockit r28.1.4", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "ucosminexus developer light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "ucosminexus service platform messaging", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "-0" }, { "model": "voice portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "nonstop server j06.07.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2011" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.10" }, { "model": "nonstop server j06.09.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "java system web server sp5", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.1" }, { "model": "jrockit r28.0.0", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "meeting exchange sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "nonstop server j06.10.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "enterprise linux desktop client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "jrockit r27.6.6", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "nonstop server j06.06.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6" }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.012" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "nonstop server h06.24.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "11.4" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "jrockit r27.6.8", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "nonstop server h06.25", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "java system web server sp8", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.1" }, { "model": "messaging storage server sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.04" }, { "model": "ucosminexus application server light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "nonstop server h06.15.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "java system web server sp4", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.1" }, { "model": "meeting exchange", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "jrockit r27.7.1", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "cosminexus studio", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "java system web server sp10", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.1" }, { "model": "glassfish server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.1" }, { "model": "meeting exchange sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "enterprise linux ws extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "java se sr9", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.0" }, { "model": "jrockit r28.1.1", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.5" }, { "model": "hp-ux b.11.11", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6" }, { "model": "nonstop server j06.07.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "enterprise linux es extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "message networking sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "linux enterprise server for vmware sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "xp p9000 performance advisor", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "5.5.1" }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.010" }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.013" }, { "model": "java system web server sp2", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.1" }, { "model": "jrockit r27.6.4", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "nonstop server j06.08.04", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.08.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura system manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "messaging storage server sp3", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "enterprise server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "5" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.015" }, { "model": "nonstop server h06.15.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.24", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.018" }, { "model": "cosminexus primary server base", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.019" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2010.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.3" }, { "model": "nonstop server h06.16.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "ucosminexus developer professional for plug-in", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "nonstop server h06.18.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.20.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.2" }, { "model": "meeting exchange", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.0" }, { "model": "enterprise linux hpc node optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.6" }, { "model": "enterprise linux server supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "java ibm 31-bit sdk for z/os", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5" }, { "model": "nonstop server j06.13.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.1" }, { "model": "nonstop server h06.23", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.3" }, { "model": "enterprise server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "5" }, { "model": "nonstop server h06.19.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "java se sr7", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "meeting exchange", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "communication manager sp3", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.5" }, { "model": "esx", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "4.1" }, { "model": "nonstop server", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6" }, { "model": "jrockit r28.0.1", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "call management system r", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "15.0" }, { "model": "glassfish server ur1 po1", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "1.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.7.3" }, { "model": "enterprise linux workstation supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "weblogic server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.3.3" }, { "model": "nonstop server h06.22.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "enterprise linux workstation optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.2" }, { "model": "jrockit r28.1.3", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.7.1" }, { "model": "communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.2" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.10" }, { "model": "weblogic server 11gr1", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.020" }, { "model": "iplanet webserver", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "7.0" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "cosminexus studio standard edition", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "-0" }, { "model": "nonstop server h06.19.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "linux enterprise server sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.3" }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.03" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.10" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6" }, { "model": "glassfish server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "2.1" }, { "model": "java se", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.7" }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.05" }, { "model": "linux enterprise sdk sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.2.1" }, { "model": "nonstop server j06.11.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "java se sr9-fp2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.0" }, { "model": "java system web server", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.1" }, { "model": "virtual desktop infrastructure", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.2" }, { "model": "nonstop server j06.15", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2011" }, { "model": "messaging application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "glassfish server ur1", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "1.0" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "nonstop server h06.21.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "jrockit r27.6.7", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.8" }, { "model": "nonstop server h06.20.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.7.3" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "rational synergy", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.2.0.3" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "jrockit r27.6.0", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "hp-ux b.11.31", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "ucosminexus application server enterprise )", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "09-80" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.2" }, { "model": "cosminexus client", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "glassfish server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.7.1" }, { "model": "messaging storage server sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "nonstop server j06.05.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "java system web server sp3", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.1" }, { "model": "application server 10g r3", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.3.5.0" }, { "model": "nonstop server j06.07.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "java system application server", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "8.1" }, { "model": "nonstop server h06.21.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "nonstop server h06.19.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "linux enterprise java sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.10" }, { "model": "xp p9000 performance advisor", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.4.1" }, { "model": "ucosminexus application server smart edition", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.7" }, { "model": "nonstop server j06.11.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.26.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "cosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.021" }, { "model": "jdk and jre", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.0.1" }, { "model": "enterprise linux server optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "desktop extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "nonstop server j06.04.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura conferencing sp1 standard", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "java se sr5", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "nonstop server j06.04.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.2" }, { "model": "nonstop server j06.06.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "ucosminexus primary server base", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.016" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.8" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.4" }, { "model": "nonstop server h06.21.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "java se", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.07" }, { "model": "nonstop server j06.06.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.17.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.1" }, { "model": "call management system r", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "16.0" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.1" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "network node manager i", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.1" }, { "model": "aura system platform sp3", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "linux enterprise desktop sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.2" }, { "model": "jdk 1.6.0 01-b06", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "cosminexus developer light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "rational synergy", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.0.2" }, { "model": "virtual desktop infrastructure", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.3" }, { "model": "nonstop server h06.20.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "ucosminexus client", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "conferencing standard edition", "scope": "ne", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "nonstop server j06.10.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "enterprise linux desktop optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "nonstop server h06.17.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "jdk update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6.017" }, { "model": "enterprise linux hpc node supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux desktop supplementary client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "ucosminexus application server standard-r", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "java system web server sp11", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.1" }, { "model": "enterprise linux hpc node", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "nonstop server h06.16.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "rational synergy", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.5" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.4" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.2" }, { "model": "java system web server sp1", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.1" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "nonstop server j06.05.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.7" }, { "model": "linux enterprise java sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "java se sr1", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "nonstop server h06.20.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "cosminexus developer no version", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.1" }, { "model": "nonstop server j06.09.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "linux enterprise desktop sp1 for sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "nonstop server h06.17.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.08.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "aura conferencing standard", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "rational synergy", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.6" }, { "model": "nonstop server j06.10.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "java system web server sp6", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.1" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.2" }, { "model": "nonstop server h06.25.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.18.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "cosminexus application server no version", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "weblogic server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.3.60" }, { "model": "nonstop server h06.27", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "java se sr10", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6" }, { "model": "nonstop server h06.17.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.14.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.7.2" } ], "sources": [ { "db": "CERT/CC", "id": "VU#903934" }, { "db": "BID", "id": "51194" }, { "db": "JVNDB", "id": "JVNDB-2011-003567" }, { "db": "CNNVD", "id": "CNNVD-201112-502" }, { "db": "NVD", "id": "CVE-2011-5035" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.1.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:3.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2011-5035" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Alexander Klink, n.runs AG and Julian Waumllde, Technische Universit Darmstadt", "sources": [ { "db": "BID", "id": "51194" } ], "trust": 0.3 }, "cve": "CVE-2011-5035", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2011-5035", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2011-5035", "trust": 1.8, "value": "MEDIUM" }, { "author": "CARNEGIE MELLON", "id": "VU#903934", "trust": 0.8, "value": "10.80" }, { "author": "CNNVD", "id": "CNNVD-201112-502", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2011-5035", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CERT/CC", "id": "VU#903934" }, { "db": "VULMON", "id": "CVE-2011-5035" }, { "db": "JVNDB", "id": "JVNDB-2011-003567" }, { "db": "CNNVD", "id": "CNNVD-201112-502" }, { "db": "NVD", "id": "CVE-2011-5035" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869. Some programming language implementations do not sufficiently randomize their hash functions or provide means to limit key collision attacks, which can be leveraged by an unauthenticated attacker to cause a denial-of-service (DoS) condition. Oracle Glassfish Calculates the hash value of the form parameter without restricting the assumption of hash collision. (CPU Resource consumption ) There is a vulnerability that becomes a condition.A third party can send a large amount of crafted parameters to disrupt service operation. (CPU Resource consumption ) There is a possibility of being put into a state. Oracle GlassFish Server is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue by sending specially crafted forms in HTTP POST requests. \nOracle GlassFish Server 3.1.1 and prior versions are vulnerable. Content-Disposition: inline\n\n==========================================================================Ubuntu Security Notice USN-1373-1\nFebruary 24, 2012\n\nopenjdk-6 vulnerabilities\n==========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 11.10\n- Ubuntu 11.04\n- Ubuntu 10.10\n- Ubuntu 10.04 LTS\n\nSummary:\n\nMultiple OpenJDK 6 vulnerabilities have been fixed. \n\nSoftware Description:\n- openjdk-6: Open Source Java implementation\n\nDetails:\n\nIt was discovered that the Java HttpServer class did not limit the\nnumber of headers read from a HTTP request. A remote attacker could\ncause a denial of service by sending special requests that trigger\nhash collisions predictably. (CVE-2011-5035)\n\nATTENTION: this update changes previous Java HttpServer class behavior\nby limiting the number of request headers to 200. This may be increased\nby adjusting the sun.net.httpserver.maxReqHeaders property. \n\nIt was discovered that the Java Sound component did not properly\ncheck buffer boundaries. A remote attacker could use this to cause\na denial of service or view confidential data. (CVE-2011-3563)\n\nIt was discovered that the Java2D implementation does not properly\ncheck graphics rendering objects before passing them to the native\nrenderer. A remote attacker could use this to cause a denial of\nservice or to bypass Java sandbox restrictions. (CVE-2012-0497)\n\nIt was discovered that an off-by-one error exists in the Java ZIP\nfile processing code. An attacker could us this to cause a denial of\nservice through a maliciously crafted ZIP file. (CVE-2012-0501)\n\nIt was discovered that the Java AWT KeyboardFocusManager did not\nproperly enforce keyboard focus security policy. A remote attacker\ncould use this with an untrusted application or applet to grab keyboard\nfocus and possibly expose confidential data. (CVE-2012-0502)\n\nIt was discovered that the Java TimeZone class did not properly enforce\nsecurity policy around setting the default time zone. A remote attacker\ncould use this with an untrusted application or applet to set a new\ndefault time zone and bypass Java sandbox restrictions. (CVE-2012-0503)\n\nIt was discovered the Java ObjectStreamClass did not throw\nan accurately identifiable exception when a deserialization\nfailure occurred. A remote attacker could use this with\nan untrusted application or applet to bypass Java sandbox\nrestrictions. (CVE-2012-0505)\n\nIt was discovered that the Java CORBA implementation did not properly\nprotect repository identifiers on certain CORBA objects. A remote\nattacker could use this to corrupt object data. (CVE-2012-0506)\n\nIt was discovered that the Java AtomicReferenceArray class\nimplementation did not properly check if an array was of\nthe expected Object[] type. A remote attacker could use this\nwith a malicious application or applet to bypass Java sandbox\nrestrictions. (CVE-2012-0507)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 11.10:\n icedtea-6-jre-cacao 6b23~pre11-0ubuntu1.11.10.2\n icedtea-6-jre-jamvm 6b23~pre11-0ubuntu1.11.10.2\n openjdk-6-jre 6b23~pre11-0ubuntu1.11.10.2\n openjdk-6-jre-headless 6b23~pre11-0ubuntu1.11.10.2\n openjdk-6-jre-lib 6b23~pre11-0ubuntu1.11.10.2\n openjdk-6-jre-zero 6b23~pre11-0ubuntu1.11.10.2\n\nUbuntu 11.04:\n icedtea-6-jre-cacao 6b22-1.10.6-0ubuntu1\n icedtea-6-jre-jamvm 6b22-1.10.6-0ubuntu1\n openjdk-6-jre 6b22-1.10.6-0ubuntu1\n openjdk-6-jre-headless 6b22-1.10.6-0ubuntu1\n openjdk-6-jre-lib 6b22-1.10.6-0ubuntu1\n openjdk-6-jre-zero 6b22-1.10.6-0ubuntu1\n\nUbuntu 10.10:\n icedtea-6-jre-cacao 6b20-1.9.13-0ubuntu1~10.10.1\n openjdk-6-jre 6b20-1.9.13-0ubuntu1~10.10.1\n openjdk-6-jre-headless 6b20-1.9.13-0ubuntu1~10.10.1\n openjdk-6-jre-lib 6b20-1.9.13-0ubuntu1~10.10.1\n openjdk-6-jre-zero 6b20-1.9.13-0ubuntu1~10.10.1\n\nUbuntu 10.04 LTS:\n icedtea-6-jre-cacao 6b20-1.9.13-0ubuntu1~10.04.1\n openjdk-6-jre 6b20-1.9.13-0ubuntu1~10.04.1\n openjdk-6-jre-headless 6b20-1.9.13-0ubuntu1~10.04.1\n openjdk-6-jre-lib 6b20-1.9.13-0ubuntu1~10.04.1\n openjdk-6-jre-zero 6b20-1.9.13-0ubuntu1~10.04.1\n\nAfter a standard system update you need to restart any Java applications\nor applets to make all the necessary changes. \n\nRelease Date: 2012-03-26\nLast Updated: 2012-04-02\n\n ------------------------------------------------------------------------------\n\nPotential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 6.0.13 or earlier\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2011-3563 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4\nCVE-2011-5035 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2012-0497 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-0498 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-0499 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-0500 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-0501 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2012-0502 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4\nCVE-2012-0503 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2012-0504 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2012-0505 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2012-0506 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2012-0507 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following Java version upgrades to resolve these vulnerabilities. \nThe upgrades are available from the following location\n\nhttp://www.hp.com/go/java\n\nHP-UX B.11.11, B.11.23, B.11.31\n JDK and JRE v6.0.14 or subsequent\n\nMANUAL ACTIONS: Yes - Update\nFor Java v6.0.13 and earlier, update to Java v6.0.14 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJre60.JRE60-COM\nJre60.JRE60-IPF32\nJre60.JRE60-IPF32-HS\nJre60.JRE60-IPF64\nJre60.JRE60-IPF64-HS\nJre60.JRE60-PA20\nJre60.JRE60-PA20-HS\nJre60.JRE60-PA20W\nJre60.JRE60-PA20W-HS\nJdk60.JDK60-COM\nJdk60.JDK60-IPF32\nJdk60.JDK60-IPF64\nJdk60.JDK60-PA20\nJdk60.JDK60-PA20W\naction: install revision 1.6.0.14.00 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) 27 March 2012 Initial release\nVersion:2 (rev.2) 2 April 2012 corrected CVE-2012-0507 score\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in the title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2012 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n\nBackground\n==========\n\nIcedTea is a distribution of the Java OpenJDK source code built with\nfree build tools. \n\nCVE-2011-3377\n\tThe Iced Tea browser plugin included in the openjdk-6 package\n\tdoes not properly enforce the Same Origin Policy on web content\n\tserved under a domain name which has a common suffix with the\n\trequired domain name. \n\tThis could lead to JVM crash or Java sandbox bypass. \n\nCVE-2012-0505\n\tThe Java serialization code leaked references to serialization\n\texceptions, possibly leaking critical objects to untrusted\n\tcode in Java applets and applications. This could\n\thave been used to perform modification of the data that should\n\thave been immutable. \n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 6b24-1.11.1-1. \n\nWe recommend that you upgrade your openjdk-6 packages. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201401-30\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Oracle JRE/JDK: Multiple vulnerabilities\n Date: January 27, 2014\n Bugs: #404071, #421073, #433094, #438706, #451206, #455174,\n #458444, #460360, #466212, #473830, #473980, #488210, #498148\n ID: 201401-30\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the Oracle JRE/JDK,\nallowing attackers to cause unspecified impact. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-java/sun-jdk \u003c= 1.6.0.45 Vulnerable!\n 2 dev-java/oracle-jdk-bin \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n 3 dev-java/sun-jre-bin \u003c= 1.6.0.45 Vulnerable!\n 4 dev-java/oracle-jre-bin \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n 5 app-emulation/emul-linux-x86-java\n \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. \n -------------------------------------------------------------------\n NOTE: Packages marked with asterisks require manual intervention!\n -------------------------------------------------------------------\n 5 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been reported in the Oracle Java\nimplementation. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nAn unauthenticated, remote attacker could exploit these vulnerabilities\nto execute arbitrary code. \nFurthermore, a local or remote attacker could exploit these\nvulnerabilities to cause unspecified impact, possibly including remote\nexecution of arbitrary code. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Oracle JDK 1.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=dev-java/oracle-jdk-bin-1.7.0.51\"\n\nAll Oracle JRE 1.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=dev-java/oracle-jre-bin-1.7.0.51\"\n\nAll users of the precompiled 32-bit Oracle JRE should upgrade to the\nlatest version:\n\n # emerge --sync\n # emerge -a -1 -v \"\u003e=app-emulation/emul-linux-x86-java-1.7.0.51\"\n\nAll Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one\nof the newer Oracle packages like dev-java/oracle-jdk-bin or\ndev-java/oracle-jre-bin or choose another alternative we provide; eg. \nthe IBM JDK/JRE or the open source IcedTea. \n\nNOTE: As Oracle has revoked the DLJ license for its Java\nimplementation, the packages can no longer be updated automatically. \n\nReferences\n==========\n\n[ 1 ] CVE-2011-3563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563\n[ 2 ] CVE-2011-5035\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035\n[ 3 ] CVE-2012-0497\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497\n[ 4 ] CVE-2012-0498\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498\n[ 5 ] CVE-2012-0499\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499\n[ 6 ] CVE-2012-0500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500\n[ 7 ] CVE-2012-0501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501\n[ 8 ] CVE-2012-0502\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502\n[ 9 ] CVE-2012-0503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503\n[ 10 ] CVE-2012-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504\n[ 11 ] CVE-2012-0505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505\n[ 12 ] CVE-2012-0506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506\n[ 13 ] CVE-2012-0507\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507\n[ 14 ] CVE-2012-0547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547\n[ 15 ] CVE-2012-1531\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531\n[ 16 ] CVE-2012-1532\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532\n[ 17 ] CVE-2012-1533\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533\n[ 18 ] CVE-2012-1541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541\n[ 19 ] CVE-2012-1682\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682\n[ 20 ] CVE-2012-1711\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711\n[ 21 ] CVE-2012-1713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713\n[ 22 ] CVE-2012-1716\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716\n[ 23 ] CVE-2012-1717\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717\n[ 24 ] CVE-2012-1718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718\n[ 25 ] CVE-2012-1719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719\n[ 26 ] CVE-2012-1721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721\n[ 27 ] CVE-2012-1722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722\n[ 28 ] CVE-2012-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723\n[ 29 ] CVE-2012-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724\n[ 30 ] CVE-2012-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725\n[ 31 ] CVE-2012-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726\n[ 32 ] CVE-2012-3136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136\n[ 33 ] CVE-2012-3143\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143\n[ 34 ] CVE-2012-3159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159\n[ 35 ] CVE-2012-3174\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174\n[ 36 ] CVE-2012-3213\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213\n[ 37 ] CVE-2012-3216\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216\n[ 38 ] CVE-2012-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342\n[ 39 ] CVE-2012-4416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416\n[ 40 ] CVE-2012-4681\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681\n[ 41 ] CVE-2012-5067\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067\n[ 42 ] CVE-2012-5068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068\n[ 43 ] CVE-2012-5069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069\n[ 44 ] CVE-2012-5070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070\n[ 45 ] CVE-2012-5071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071\n[ 46 ] CVE-2012-5072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072\n[ 47 ] CVE-2012-5073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073\n[ 48 ] CVE-2012-5074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074\n[ 49 ] CVE-2012-5075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075\n[ 50 ] CVE-2012-5076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076\n[ 51 ] CVE-2012-5077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077\n[ 52 ] CVE-2012-5079\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079\n[ 53 ] CVE-2012-5081\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081\n[ 54 ] CVE-2012-5083\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083\n[ 55 ] CVE-2012-5084\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084\n[ 56 ] CVE-2012-5085\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085\n[ 57 ] CVE-2012-5086\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086\n[ 58 ] CVE-2012-5087\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087\n[ 59 ] CVE-2012-5088\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088\n[ 60 ] CVE-2012-5089\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089\n[ 61 ] CVE-2013-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169\n[ 62 ] CVE-2013-0351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351\n[ 63 ] CVE-2013-0401\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401\n[ 64 ] CVE-2013-0402\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402\n[ 65 ] CVE-2013-0409\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409\n[ 66 ] CVE-2013-0419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419\n[ 67 ] CVE-2013-0422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422\n[ 68 ] CVE-2013-0423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423\n[ 69 ] CVE-2013-0430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430\n[ 70 ] CVE-2013-0437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437\n[ 71 ] CVE-2013-0438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438\n[ 72 ] CVE-2013-0445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445\n[ 73 ] CVE-2013-0446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446\n[ 74 ] CVE-2013-0448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448\n[ 75 ] CVE-2013-0449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449\n[ 76 ] CVE-2013-0809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809\n[ 77 ] CVE-2013-1473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473\n[ 78 ] CVE-2013-1479\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479\n[ 79 ] CVE-2013-1481\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481\n[ 80 ] CVE-2013-1484\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484\n[ 81 ] CVE-2013-1485\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485\n[ 82 ] CVE-2013-1486\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486\n[ 83 ] CVE-2013-1487\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487\n[ 84 ] CVE-2013-1488\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488\n[ 85 ] CVE-2013-1491\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491\n[ 86 ] CVE-2013-1493\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493\n[ 87 ] CVE-2013-1500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500\n[ 88 ] CVE-2013-1518\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518\n[ 89 ] CVE-2013-1537\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537\n[ 90 ] CVE-2013-1540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540\n[ 91 ] CVE-2013-1557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557\n[ 92 ] CVE-2013-1558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558\n[ 93 ] CVE-2013-1561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561\n[ 94 ] CVE-2013-1563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563\n[ 95 ] CVE-2013-1564\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564\n[ 96 ] CVE-2013-1569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569\n[ 97 ] CVE-2013-1571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571\n[ 98 ] CVE-2013-2383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383\n[ 99 ] CVE-2013-2384\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384\n[ 100 ] CVE-2013-2394\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394\n[ 101 ] CVE-2013-2400\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400\n[ 102 ] CVE-2013-2407\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407\n[ 103 ] CVE-2013-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412\n[ 104 ] CVE-2013-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414\n[ 105 ] CVE-2013-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415\n[ 106 ] CVE-2013-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416\n[ 107 ] CVE-2013-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417\n[ 108 ] CVE-2013-2418\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418\n[ 109 ] CVE-2013-2419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419\n[ 110 ] CVE-2013-2420\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420\n[ 111 ] CVE-2013-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421\n[ 112 ] CVE-2013-2422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422\n[ 113 ] CVE-2013-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423\n[ 114 ] CVE-2013-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424\n[ 115 ] CVE-2013-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425\n[ 116 ] CVE-2013-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426\n[ 117 ] CVE-2013-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427\n[ 118 ] CVE-2013-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428\n[ 119 ] CVE-2013-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429\n[ 120 ] CVE-2013-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430\n[ 121 ] CVE-2013-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431\n[ 122 ] CVE-2013-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432\n[ 123 ] CVE-2013-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433\n[ 124 ] CVE-2013-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434\n[ 125 ] CVE-2013-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435\n[ 126 ] CVE-2013-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436\n[ 127 ] CVE-2013-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437\n[ 128 ] CVE-2013-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438\n[ 129 ] CVE-2013-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439\n[ 130 ] CVE-2013-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440\n[ 131 ] CVE-2013-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442\n[ 132 ] CVE-2013-2443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443\n[ 133 ] CVE-2013-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444\n[ 134 ] CVE-2013-2445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445\n[ 135 ] CVE-2013-2446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446\n[ 136 ] CVE-2013-2447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447\n[ 137 ] CVE-2013-2448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448\n[ 138 ] CVE-2013-2449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449\n[ 139 ] CVE-2013-2450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450\n[ 140 ] CVE-2013-2451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451\n[ 141 ] CVE-2013-2452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452\n[ 142 ] CVE-2013-2453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453\n[ 143 ] CVE-2013-2454\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454\n[ 144 ] CVE-2013-2455\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455\n[ 145 ] CVE-2013-2456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456\n[ 146 ] CVE-2013-2457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457\n[ 147 ] CVE-2013-2458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458\n[ 148 ] CVE-2013-2459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459\n[ 149 ] CVE-2013-2460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460\n[ 150 ] CVE-2013-2461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461\n[ 151 ] CVE-2013-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462\n[ 152 ] CVE-2013-2463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463\n[ 153 ] CVE-2013-2464\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464\n[ 154 ] CVE-2013-2465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465\n[ 155 ] CVE-2013-2466\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466\n[ 156 ] CVE-2013-2467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467\n[ 157 ] CVE-2013-2468\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468\n[ 158 ] CVE-2013-2469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469\n[ 159 ] CVE-2013-2470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470\n[ 160 ] CVE-2013-2471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471\n[ 161 ] CVE-2013-2472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472\n[ 162 ] CVE-2013-2473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473\n[ 163 ] CVE-2013-3743\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743\n[ 164 ] CVE-2013-3744\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744\n[ 165 ] CVE-2013-3829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829\n[ 166 ] CVE-2013-5772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772\n[ 167 ] CVE-2013-5774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774\n[ 168 ] CVE-2013-5775\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775\n[ 169 ] CVE-2013-5776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776\n[ 170 ] CVE-2013-5777\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777\n[ 171 ] CVE-2013-5778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778\n[ 172 ] CVE-2013-5780\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780\n[ 173 ] CVE-2013-5782\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782\n[ 174 ] CVE-2013-5783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783\n[ 175 ] CVE-2013-5784\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784\n[ 176 ] CVE-2013-5787\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787\n[ 177 ] CVE-2013-5788\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788\n[ 178 ] CVE-2013-5789\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789\n[ 179 ] CVE-2013-5790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790\n[ 180 ] CVE-2013-5797\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797\n[ 181 ] CVE-2013-5800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800\n[ 182 ] CVE-2013-5801\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801\n[ 183 ] CVE-2013-5802\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802\n[ 184 ] CVE-2013-5803\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803\n[ 185 ] CVE-2013-5804\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804\n[ 186 ] CVE-2013-5805\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805\n[ 187 ] CVE-2013-5806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806\n[ 188 ] CVE-2013-5809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809\n[ 189 ] CVE-2013-5810\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810\n[ 190 ] CVE-2013-5812\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812\n[ 191 ] CVE-2013-5814\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814\n[ 192 ] CVE-2013-5817\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817\n[ 193 ] CVE-2013-5818\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818\n[ 194 ] CVE-2013-5819\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819\n[ 195 ] CVE-2013-5820\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820\n[ 196 ] CVE-2013-5823\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823\n[ 197 ] CVE-2013-5824\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824\n[ 198 ] CVE-2013-5825\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825\n[ 199 ] CVE-2013-5829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829\n[ 200 ] CVE-2013-5830\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830\n[ 201 ] CVE-2013-5831\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831\n[ 202 ] CVE-2013-5832\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832\n[ 203 ] CVE-2013-5838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838\n[ 204 ] CVE-2013-5840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840\n[ 205 ] CVE-2013-5842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842\n[ 206 ] CVE-2013-5843\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843\n[ 207 ] CVE-2013-5844\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844\n[ 208 ] CVE-2013-5846\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846\n[ 209 ] CVE-2013-5848\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848\n[ 210 ] CVE-2013-5849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849\n[ 211 ] CVE-2013-5850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850\n[ 212 ] CVE-2013-5851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851\n[ 213 ] CVE-2013-5852\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852\n[ 214 ] CVE-2013-5854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854\n[ 215 ] CVE-2013-5870\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870\n[ 216 ] CVE-2013-5878\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878\n[ 217 ] CVE-2013-5887\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887\n[ 218 ] CVE-2013-5888\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888\n[ 219 ] CVE-2013-5889\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889\n[ 220 ] CVE-2013-5893\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893\n[ 221 ] CVE-2013-5895\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895\n[ 222 ] CVE-2013-5896\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896\n[ 223 ] CVE-2013-5898\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898\n[ 224 ] CVE-2013-5899\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899\n[ 225 ] CVE-2013-5902\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902\n[ 226 ] CVE-2013-5904\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904\n[ 227 ] CVE-2013-5905\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905\n[ 228 ] CVE-2013-5906\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906\n[ 229 ] CVE-2013-5907\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907\n[ 230 ] CVE-2013-5910\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910\n[ 231 ] CVE-2014-0368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368\n[ 232 ] CVE-2014-0373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373\n[ 233 ] CVE-2014-0375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375\n[ 234 ] CVE-2014-0376\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376\n[ 235 ] CVE-2014-0382\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382\n[ 236 ] CVE-2014-0385\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385\n[ 237 ] CVE-2014-0387\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387\n[ 238 ] CVE-2014-0403\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403\n[ 239 ] CVE-2014-0408\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408\n[ 240 ] CVE-2014-0410\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410\n[ 241 ] CVE-2014-0411\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411\n[ 242 ] CVE-2014-0415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415\n[ 243 ] CVE-2014-0416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416\n[ 244 ] CVE-2014-0417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417\n[ 245 ] CVE-2014-0418\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418\n[ 246 ] CVE-2014-0422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422\n[ 247 ] CVE-2014-0423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423\n[ 248 ] CVE-2014-0424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424\n[ 249 ] CVE-2014-0428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201401-30.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nSecunia is hiring!\n\nFind your next job here:\n\nhttp://secunia.com/company/jobs/\n\n----------------------------------------------------------------------\n\nTITLE:\nOracle Multiple Products Web Form Hash Collision Denial of Service\nVulnerability\n\nSECUNIA ADVISORY ID:\nSA47819\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47819/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47819\n\nRELEASE DATE:\n2012-02-01\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47819/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47819/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47819\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in multiple Oracle products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\nThe vulnerability is caused due to an error within a hash generation\nfunction when hashing form posts and updating a hash table. \n\nThe vulnerability is reported in the following products:\n* Oracle Application Server 10g Release 3 version 10.1.3.5.0. \n* Oracle iPlanet Web Server 7.0. \n* Oracle iPlanet Web Server (formerly Oracle Java System Web Server)\n6.1. \n\nSOLUTION:\nApply patch. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: java-1.6.0-sun security update\nAdvisory ID: RHSA-2012:0139-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-0139.html\nIssue date: 2012-02-16\nCVE Names: CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 \n CVE-2012-0498 CVE-2012-0499 CVE-2012-0500 \n CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 \n CVE-2012-0505 CVE-2012-0506 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.6.0-sun packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise\nLinux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and\nthe Sun Java 6 Software Development Kit. \n\nThis update fixes several vulnerabilities in the Sun Java 6 Runtime\nEnvironment and the Sun Java 6 Software Development Kit. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch page, listed in the References section. (CVE-2011-3563,\nCVE-2011-3571, CVE-2011-5035, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500,\nCVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506)\n\nAll users of java-1.6.0-sun are advised to upgrade to these updated\npackages, which provide JDK and JRE 6 Update 31 and resolve these issues. \nAll running instances of Sun Java must be restarted for the update to take\neffect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n788606 - CVE-2011-5035 OpenJDK: HttpServer no header count limit (Lightweight HTTP Server, 7126960)\n788624 - CVE-2012-0501 OpenJDK: off-by-one bug in ZIP reading code (JRE, 7118283)\n788976 - CVE-2012-0503 OpenJDK: unrestricted use of TimeZone.setDefault() (i18n, 7110687)\n788994 - CVE-2011-3571 OpenJDK: AtomicReferenceArray insufficient array type check (Concurrency, 7082299)\n789295 - CVE-2011-3563 OpenJDK: JavaSound incorrect bounds check (Sound, 7088367)\n789297 - CVE-2012-0502 OpenJDK: KeyboardFocusManager focus stealing (AWT, 7110683)\n789299 - CVE-2012-0505 OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700)\n789300 - CVE-2012-0506 OpenJDK: mutable repository identifiers (CORBA, 7110704)\n790720 - CVE-2012-0498 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D)\n790722 - CVE-2012-0499 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D)\n790724 - CVE-2012-0500 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (Deployment)\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Supplementary (v. 6):\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-3563.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3571.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-5035.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0498.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0499.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0500.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0501.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0502.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0503.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0505.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0506.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html\nhttp://www.oracle.com/technetwork/java/javase/6u31-relnotes-1482342.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFPPVa5XlSAg2UNWIIRAn6xAJ932rg7KVwp+jyL7jwxMvOiZHAqtQCgmt4n\ndZEXYZPhMUvix7Sd5jUeKng=\n=Czkl\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. HP has updated the Apache Tomcat and Oracle database software to\naddress vulnerabilities affecting confidentiality, availability, and\nintegrity", "sources": [ { "db": "NVD", "id": "CVE-2011-5035" }, { "db": "CERT/CC", "id": "VU#903934" }, { "db": "JVNDB", "id": "JVNDB-2011-003567" }, { "db": "BID", "id": "51194" }, { "db": "VULMON", "id": "CVE-2011-5035" }, { "db": "PACKETSTORM", "id": "110181" }, { "db": "PACKETSTORM", "id": "111624" }, { "db": "PACKETSTORM", "id": "127267" }, { "db": "PACKETSTORM", "id": "110284" }, { "db": "PACKETSTORM", "id": "112144" }, { "db": "PACKETSTORM", "id": "113170" }, { "db": "PACKETSTORM", "id": "124943" }, { "db": "PACKETSTORM", "id": "109353" }, { "db": "PACKETSTORM", "id": "109834" }, { "db": "PACKETSTORM", "id": "125436" } ], "trust": 3.6 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=2012", "trust": 0.1, "type": "exploit" } ], "sources": [ { "db": "VULMON", "id": "CVE-2011-5035" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2011-5035", "trust": 3.8 }, { "db": "CERT/CC", "id": "VU#903934", "trust": 3.3 }, { "db": "OCERT", "id": "OCERT-2011-003", "trust": 2.8 }, { "db": "SECUNIA", "id": "48589", "trust": 1.1 }, { "db": "SECUNIA", "id": "57126", "trust": 1.1 }, { "db": "SECUNIA", "id": "48073", "trust": 1.1 }, { "db": "SECUNIA", "id": "48074", "trust": 1.1 }, { "db": "SECUNIA", "id": "48950", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2011-003567", "trust": 0.8 }, { "db": "NSFOCUS", "id": "19347", "trust": 0.6 }, { "db": "NSFOCUS", "id": "19819", "trust": 0.6 }, { "db": "NSFOCUS", "id": "19290", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201112-502", "trust": 0.6 }, { "db": "BID", "id": "51194", "trust": 0.4 }, { "db": "HITACHI", "id": "HS12-007", "trust": 0.3 }, { "db": "SECUNIA", "id": "47819", "trust": 0.2 }, { "db": "EXPLOIT-DB", "id": "2012", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2011-5035", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "110181", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "111624", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "127267", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "110284", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "112144", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "113170", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "124943", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "109353", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "109834", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "125436", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#903934" }, { "db": "VULMON", "id": "CVE-2011-5035" }, { "db": "BID", "id": "51194" }, { "db": "JVNDB", "id": "JVNDB-2011-003567" }, { "db": "PACKETSTORM", "id": "110181" }, { "db": "PACKETSTORM", "id": "111624" }, { "db": "PACKETSTORM", "id": "127267" }, { "db": "PACKETSTORM", "id": "110284" }, { "db": "PACKETSTORM", "id": "112144" }, { "db": "PACKETSTORM", "id": "113170" }, { "db": "PACKETSTORM", "id": "124943" }, { "db": "PACKETSTORM", "id": "109353" }, { "db": "PACKETSTORM", "id": "109834" }, { "db": "PACKETSTORM", "id": "125436" }, { "db": "CNNVD", "id": "CNNVD-201112-502" }, { "db": "NVD", "id": "CVE-2011-5035" } ] }, "id": "VAR-201112-0123", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.26205936 }, "last_update_date": "2024-07-23T20:42:32.055000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "HT5228", "trust": 0.8, "url": "http://support.apple.com/kb/ht5228" }, { "title": "HT1338", "trust": 0.8, "url": "http://support.apple.com/kb/ht1338?viewlocale=ja_jp" }, { "title": "HT5228", "trust": 0.8, "url": "http://support.apple.com/kb/ht5228?viewlocale=ja_jp" }, { "title": "HS12-007", "trust": 0.8, "url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-007/index.html" }, { "title": "HPSBST02955 SSRT101157", "trust": 0.8, "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c04047415" }, { "title": "Text Form of Oracle Critical Patch Update - January 2013 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpujan2013verbose-1897756.html" }, { "title": "Oracle Critical Patch Update Advisory - April 2012", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html" }, { "title": "Oracle Critical Patch Update Advisory - January 2012", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html" }, { "title": "Oracle Critical Patch Update Advisory - January 2013", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html" }, { "title": "Oracle Security Alert for CVE-2011-5035", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html" }, { "title": "RHSA-2013:1455", "trust": 0.8, "url": "http://rhn.redhat.com/errata/rhsa-2013-1455.html" }, { "title": "January 2012 Critical Patch Update Released", "trust": 0.8, "url": "http://blogs.oracle.com/security/entry/january_2012_critical_patch_update" }, { "title": "January 2013 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/january_2013_critical_patch_update" }, { "title": "interstage_as_201201", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_201201.html" }, { "title": "HS12-007", "trust": 0.8, "url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-007/index.html" }, { "title": "Red Hat: Important: java-1.6.0-openjdk security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120322 - security advisory" }, { "title": "Red Hat: Critical: java-1.6.0-openjdk security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120135 - security advisory" }, { "title": "Red Hat: Critical: java-1.6.0-sun security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120139 - security advisory" }, { "title": "Red Hat: Critical: java-1.6.0-ibm security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120514 - security advisory" }, { "title": "Ubuntu Security Notice: openjdk-6b18 vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1373-2" }, { "title": "Ubuntu Security Notice: openjdk-6 vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1373-1" }, { "title": "Amazon Linux AMI: ALAS-2012-043", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2012-043" }, { "title": "Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20131455 - security advisory" }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/oracle-patches-88-vulnerabilities-including-some-allow-remote-exploits-without-authentication/76457/" }, { "title": "welivesecurity", "trust": 0.1, "url": "https://www.welivesecurity.com/2012/04/05/mac-flashback-trojan-java-update/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2011-5035" }, { "db": "JVNDB", "id": "JVNDB-2011-003567" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003567" }, { "db": "NVD", "id": "CVE-2011-5035" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.8, "url": "http://www.ocert.org/advisories/ocert-2011-003.html" }, { "trust": 2.8, "url": "http://www.nruns.com/_downloads/advisory28122011.pdf" }, { "trust": 2.5, "url": "http://www.kb.cert.org/vuls/id/903934" }, { "trust": 1.4, "url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html" }, { "trust": 1.4, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html" }, { "trust": 1.2, "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" }, { "trust": 1.2, "url": "http://rhn.redhat.com/errata/rhsa-2012-0514.html" }, { "trust": 1.1, "url": "https://github.com/firefart/hashcollision-dos-poc/blob/master/hashtablepoc.py" }, { "trust": 1.1, "url": "http://secunia.com/advisories/48589" }, { "trust": 1.1, "url": "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html" }, { "trust": 1.1, "url": "http://secunia.com/advisories/48950" }, { "trust": 1.1, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2013:150" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2013-1455.html" }, { "trust": 1.1, "url": "http://www.debian.org/security/2012/dsa-2420" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2" }, { "trust": 1.1, "url": "http://secunia.com/advisories/57126" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=133364885411663\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=133847939902305\u0026w=2" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16908" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html" }, { "trust": 1.1, "url": "http://secunia.com/advisories/48073" }, { "trust": 1.1, "url": "http://secunia.com/advisories/48074" }, { "trust": 0.8, "url": "http://www.cs.rice.edu/~scrosby/hash/crosbywallach_usenixsec2003.pdf" }, { "trust": 0.8, "url": "http://technet.microsoft.com/en-us/security/bulletin/ms11-100.mspx" }, { "trust": 0.8, "url": "http://blogs.technet.com/b/srd/archive/2011/12/27/more-information-about-the-december-2011-asp-net-vulnerability.aspx" }, { "trust": 0.8, "url": "http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/391606" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-5035" }, { "trust": 0.8, "url": "http://www.ipa.go.jp/security/ciadr/vul/20120106-web.html" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu903934" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu514315/" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-5035" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-5035" }, { "trust": 0.7, "url": "http://www.ibm.com/developerworks/java/jdk/alerts/" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0505" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0503" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0501" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3563" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0506" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0502" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0497" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0507" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/19347" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/19290" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/19819" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0499" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0500" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0498" }, { "trust": 0.4, "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html" }, { "trust": 0.4, "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html" }, { "trust": 0.3, "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03350339" }, { "trust": 0.3, "url": "http://www.oracle.com/us/products/middleware/application-server/oracle-glassfish-server/index.html" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pm59971" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pm59978" }, { "trust": 0.3, "url": "http://support.avaya.com/css/p8/documents/100159245" }, { "trust": 0.3, "url": "http://downloads.avaya.com/css/p8/documents/100160575" }, { "trust": 0.3, "url": "https://downloads.avaya.com/css/p8/documents/100160941" }, { "trust": 0.3, "url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03254184\u0026ac.admitted=1332960372864.876444892.199480143" }, { "trust": 0.3, "url": "http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03254184\u0026ac.admitted=1333452463922.876444892.492883150" }, { "trust": 0.3, "url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-007/index.html" }, { "trust": 0.3, "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0504" }, { "trust": 0.2, "url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.2, "url": "https://www.hp.com/go/swa" }, { "trust": 0.2, "url": "http://www.hp.com/go/java" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422" }, { "trust": 0.2, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797" }, { "trust": 0.2, "url": "http://security.gentoo.org/" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817" }, { "trust": 0.2, "url": "https://bugs.gentoo.org." }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455" }, { "trust": 0.2, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2012-0503.html" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2012-0502.html" }, { "trust": 0.2, "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2012-0498.html" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2011-3563.html" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2012-0500.html" }, { "trust": 0.2, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.2, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2011-5035.html" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2012-0499.html" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2012-0505.html" }, { "trust": 0.2, "url": "https://access.redhat.com/security/team/key/#package" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2012-0506.html" }, { "trust": 0.2, "url": "http://bugzilla.redhat.com/):" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2012-0501.html" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/20.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.securityfocus.com/bid/51194" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2012:0322" }, { "trust": 0.1, "url": "https://usn.ubuntu.com/1373-2/" }, { "trust": 0.1, "url": "https://www.exploit-db.com/exploits/2012/" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=25553" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b23~pre11-0ubuntu1.11.10.2" }, { "trust": 0.1, "url": "http://www.ubuntu.com/usn/usn-1373-1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b22-1.10.6-0ubuntu1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b20-1.9.13-0ubuntu1~10.10.1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b20-1.9.13-0ubuntu1~10.04.1" }, { "trust": 0.1, "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4470" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3562" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3567" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3568" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3541" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3566" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2783" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3564" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4465" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2548" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3554" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4469" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3569" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3573" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3548" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3549" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3565" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3860" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3574" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3553" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4450" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4467" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4448" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3561" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4351" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3551" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3557" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3377" }, { "trust": 0.1, "url": "http://www.debian.org/security/faq" }, { "trust": 0.1, "url": "http://www.debian.org/security/" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0497.html" }, { "trust": 0.1, "url": "https://access.redhat.com/knowledge/articles/11258" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0507.html" }, { "trust": 0.1, "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0507" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5870" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0419" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1558" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5818" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1541" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5889" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0449" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2440" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1540" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0385" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2427" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2437" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0445" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0500" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2468" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3743" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0422" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5893" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3159" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3174" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5888" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0437" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1541" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0373" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0351" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1563" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5789" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0504" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1682" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5899" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5801" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0423" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5832" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5848" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0428" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0415" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1719" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1533" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2400" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1564" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3143" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0448" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0438" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5810" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5905" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-201401-30.xml" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5904" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5831" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0422" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3744" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5854" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2394" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0498" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5852" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5777" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0547" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0499" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0409" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1532" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2428" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4681" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2462" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0423" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5083" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0375" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2439" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2416" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3136" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0376" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5824" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3342" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5776" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1531" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0417" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1723" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5819" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1722" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5895" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2466" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0403" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0446" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2418" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5788" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0416" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0424" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1473" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5887" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0418" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0410" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0368" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1717" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2425" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1722" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5902" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2432" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0387" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1716" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1533" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2438" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1721" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0382" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5812" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3213" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5846" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1718" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5775" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5787" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5898" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1531" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1481" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2433" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5844" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5906" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1711" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1532" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1561" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2435" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1491" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5910" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1487" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1713" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5907" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5896" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5843" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5067" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1682" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2414" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2467" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5079" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0411" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1721" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1479" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2434" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2442" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2464" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5878" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0408" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0402" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5838" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0430" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5088" }, { "trust": 0.1, "url": "http://secunia.com/company/jobs/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/47819/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47819" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/47819/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://access.redhat.com/kb/docs/doc-11259" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3571.html" }, { "trust": 0.1, "url": "https://rhn.redhat.com/errata/rhsa-2012-0139.html" }, { "trust": 0.1, "url": "http://www.oracle.com/technetwork/java/javase/6u31-relnotes-1482342.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3571" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2204" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2370" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0002" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3548" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2526" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2902" }, { "trust": 0.1, "url": "http://www.hp.com" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0534" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3718" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6286" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5333" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3190" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5342" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2693" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5461" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2227" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1232" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-5063" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1947" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1184" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-5064" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4172" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2481" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-5062" }, { "trust": 0.1, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/" }, { "trust": 0.1, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0013" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1157" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2729" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2901" } ], "sources": [ { "db": "CERT/CC", "id": "VU#903934" }, { "db": "VULMON", "id": "CVE-2011-5035" }, { "db": "BID", "id": "51194" }, { "db": "JVNDB", "id": "JVNDB-2011-003567" }, { "db": "PACKETSTORM", "id": "110181" }, { "db": "PACKETSTORM", "id": "111624" }, { "db": "PACKETSTORM", "id": "127267" }, { "db": "PACKETSTORM", "id": "110284" }, { "db": "PACKETSTORM", "id": "112144" }, { "db": "PACKETSTORM", "id": "113170" }, { "db": "PACKETSTORM", "id": "124943" }, { "db": "PACKETSTORM", "id": "109353" }, { "db": "PACKETSTORM", "id": "109834" }, { "db": "PACKETSTORM", "id": "125436" }, { "db": "CNNVD", "id": "CNNVD-201112-502" }, { "db": "NVD", "id": "CVE-2011-5035" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#903934" }, { "db": "VULMON", "id": "CVE-2011-5035" }, { "db": "BID", "id": "51194" }, { "db": "JVNDB", "id": "JVNDB-2011-003567" }, { "db": "PACKETSTORM", "id": "110181" }, { "db": "PACKETSTORM", "id": "111624" }, { "db": "PACKETSTORM", "id": "127267" }, { "db": "PACKETSTORM", "id": "110284" }, { "db": "PACKETSTORM", "id": "112144" }, { "db": "PACKETSTORM", "id": "113170" }, { "db": "PACKETSTORM", "id": "124943" }, { "db": "PACKETSTORM", "id": "109353" }, { "db": "PACKETSTORM", "id": "109834" }, { "db": "PACKETSTORM", "id": "125436" }, { "db": "CNNVD", "id": "CNNVD-201112-502" }, { "db": "NVD", "id": "CVE-2011-5035" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-12-28T00:00:00", "db": "CERT/CC", "id": "VU#903934" }, { "date": "2011-12-30T00:00:00", "db": "VULMON", "id": "CVE-2011-5035" }, { "date": "2011-12-29T00:00:00", "db": "BID", "id": "51194" }, { "date": "2012-01-04T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003567" }, { "date": "2012-02-24T22:58:36", "db": "PACKETSTORM", "id": "110181" }, { "date": "2012-04-06T02:06:18", "db": "PACKETSTORM", "id": "111624" }, { "date": "2014-06-30T23:39:28", "db": "PACKETSTORM", "id": "127267" }, { "date": "2012-02-29T16:03:17", "db": "PACKETSTORM", "id": "110284" }, { "date": "2012-04-25T02:09:03", "db": "PACKETSTORM", "id": "112144" }, { "date": "2012-06-01T00:12:35", "db": "PACKETSTORM", "id": "113170" }, { "date": "2014-01-27T18:30:13", "db": "PACKETSTORM", "id": "124943" }, { "date": "2012-02-02T03:30:52", "db": "PACKETSTORM", "id": "109353" }, { "date": "2012-02-17T02:33:53", "db": "PACKETSTORM", "id": "109834" }, { "date": "2014-02-26T22:39:24", "db": "PACKETSTORM", "id": "125436" }, { "date": "2011-12-30T00:00:00", "db": "CNNVD", "id": "CNNVD-201112-502" }, { "date": "2011-12-30T01:55:01.640000", "db": "NVD", "id": "CVE-2011-5035" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-02-15T00:00:00", "db": "CERT/CC", "id": "VU#903934" }, { "date": "2018-01-06T00:00:00", "db": "VULMON", "id": "CVE-2011-5035" }, { "date": "2015-04-13T21:24:00", "db": "BID", "id": "51194" }, { "date": "2015-03-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003567" }, { "date": "2012-01-04T00:00:00", "db": "CNNVD", "id": "CNNVD-201112-502" }, { "date": "2018-01-06T02:29:26.690000", "db": "NVD", "id": "CVE-2011-5035" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "110181" }, { "db": "PACKETSTORM", "id": "111624" }, { "db": "PACKETSTORM", "id": "113170" }, { "db": "CNNVD", "id": "CNNVD-201112-502" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Hash table implementations vulnerable to algorithmic complexity attacks", "sources": [ { "db": "CERT/CC", "id": "VU#903934" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation", "sources": [ { "db": "CNNVD", "id": "CNNVD-201112-502" } ], "trust": 0.6 } }
var-201201-0259
Vulnerability from variot
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. Some programming language implementations do not sufficiently randomize their hash functions or provide means to limit key collision attacks, which can be leveraged by an unauthenticated attacker to cause a denial-of-service (DoS) condition. Apache Tomcat Calculates the hash value of the form parameter without restricting the assumption of hash collision. (CPU Resource consumption ) There is a vulnerability that becomes a condition.A third party can send a large amount of crafted parameters to disrupt service operation. (CPU Resource consumption ) There is a possibility of being put into a state. Apache Tomcat is prone to a denial-of-service vulnerability. An attacker can exploit this issue by sending specially crafted forms in HTTP POST requests. ----------------------------------------------------------------------
Secunia is hiring!
Find your next job here:
http://secunia.com/company/jobs/
TITLE: Hitachi COBOL2002 Products Unspecified Vulnerability
SECUNIA ADVISORY ID: SA47643
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47643/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47643
RELEASE DATE: 2012-01-20
DISCUSS ADVISORY: http://secunia.com/advisories/47643/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47643/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47643
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Hitachi has reported a vulnerability in some COBOL2002 products, which can be exploited by malicious users to compromise a vulnerable system.
SOLUTION: Upgrade to version 02-01-/D.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-002/index.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201206-24
http://security.gentoo.org/
Severity: Normal Title: Apache Tomcat: Multiple vulnerabilities Date: June 24, 2012 Bugs: #272566, #273662, #303719, #320963, #329937, #373987, #374619, #382043, #386213, #396401, #399227 ID: 201206-24
Synopsis
Multiple vulnerabilities were found in Apache Tomcat, the worst of which allowing to read, modify and overwrite arbitrary files.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/tomcat < 5.5.34 >= 6.0.35 *< 6.0.35 >= 7.0.23 < 7.0.23
Description
Multiple vulnerabilities have been discovered in Apache Tomcat. Please review the CVE identifiers referenced below for details.
Impact
The vulnerabilities allow an attacker to cause a Denial of Service, to hijack a session, to bypass authentication, to inject webscript, to enumerate valid usernames, to read, modify and overwrite arbitrary files, to bypass intended access restrictions, to delete work-directory files, to discover the server's hostname or IP, to bypass read permissions for files or HTTP headers, to read or write files outside of the intended working directory, and to obtain sensitive information by reading a log file.
Workaround
There is no known workaround at this time.
Resolution
All Apache Tomcat 6.0.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/tomcat-6.0.35"
All Apache Tomcat 7.0.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/tomcat-7.0.23"
References
[ 1 ] CVE-2008-5515 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5515 [ 2 ] CVE-2009-0033 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0033 [ 3 ] CVE-2009-0580 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0580 [ 4 ] CVE-2009-0781 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0781 [ 5 ] CVE-2009-0783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0783 [ 6 ] CVE-2009-2693 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2693 [ 7 ] CVE-2009-2901 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2901 [ 8 ] CVE-2009-2902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2902 [ 9 ] CVE-2010-1157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1157 [ 10 ] CVE-2010-2227 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2227 [ 11 ] CVE-2010-3718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3718 [ 12 ] CVE-2010-4172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4172 [ 13 ] CVE-2010-4312 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4312 [ 14 ] CVE-2011-0013 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0013 [ 15 ] CVE-2011-0534 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0534 [ 16 ] CVE-2011-1088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1088 [ 17 ] CVE-2011-1183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1183 [ 18 ] CVE-2011-1184 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1184 [ 19 ] CVE-2011-1419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1419 [ 20 ] CVE-2011-1475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1475 [ 21 ] CVE-2011-1582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1582 [ 22 ] CVE-2011-2204 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2204 [ 23 ] CVE-2011-2481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2481 [ 24 ] CVE-2011-2526 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2526 [ 25 ] CVE-2011-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2729 [ 26 ] CVE-2011-3190 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3190 [ 27 ] CVE-2011-3375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3375 [ 28 ] CVE-2011-4858 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4858 [ 29 ] CVE-2011-5062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5062 [ 30 ] CVE-2011-5063 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5063 [ 31 ] CVE-2011-5064 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5064 [ 32 ] CVE-2012-0022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0022
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201206-24.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Description:
JBoss Operations Network (JBoss ON) is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services.
This JBoss ON 2.4.2 release serves as a replacement for JBoss ON 2.4.1, and includes several bug fixes. The Release Notes will be available shortly from https://docs.redhat.com/docs/en-US/index.html
The following security issues are also fixed with this release:
JBoss ON did not properly verify security tokens, allowing an unapproved agent to connect as an approved agent. A remote attacker could use this flaw to spoof the identity of an approved agent, allowing them to hijack the approved agent's session and steal its security token. As a result, the attacker could retrieve sensitive data about the server the hijacked agent was running on, including JMX credentials. (CVE-2012-0052)
JBoss ON sometimes allowed agent registration to succeed when the registration request did not include a security token. This is a feature designed to add convenience. A remote attacker could use this flaw to spoof the identity of an approved agent and pass a null security token, allowing them to hijack the approved agent's session, and steal its security token. As a result, the attacker could retrieve sensitive data about the server the hijacked agent was running on, including JMX credentials. (CVE-2011-4858)
Multiple cross-site scripting (XSS) flaws were found in the JBoss ON administration interface. If a remote attacker could trick a user, who was logged into the JBoss ON administration interface, into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user's JBoss ON session. (CVE-2011-3206)
JBoss ON did not verify that a user had the proper modify resource permissions when they attempted to delete a plug-in configuration update from the group connection properties history. This could allow such a user to delete a plug-in configuration update from the audit trail. Note that a user without modify resource permissions cannot use this flaw to make configuration changes. Solution:
The References section of this erratum contains a download link (you must log in to download the update). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: tomcat6 security update Advisory ID: RHSA-2012:0475-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0475.html Issue date: 2012-04-11 CVE Names: CVE-2011-4858 CVE-2012-0022 =====================================================================
- Summary:
Updated tomcat6 packages that fix two security issues are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Optional (v. 6) - noarch Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch Red Hat Enterprise Linux Server (v. 6) - noarch Red Hat Enterprise Linux Server Optional (v. 6) - noarch Red Hat Enterprise Linux Workstation (v. 6) - noarch Red Hat Enterprise Linux Workstation Optional (v. 6) - noarch
- Description:
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
It was found that the Java hashCode() method implementation was susceptible to predictable hash collisions. This update introduces a limit on the number of parameters processed per request to mitigate this issue. The default limit is 512 for parameters and 128 for headers. These defaults can be changed by setting the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties. (CVE-2011-4858)
It was found that Tomcat did not handle large numbers of parameters and large parameter values efficiently. A remote attacker could make Tomcat use an excessive amount of CPU time by sending an HTTP request containing a large number of parameters or large parameter values. This update introduces limits on the number of parameters and headers processed per request to address this issue. Refer to the CVE-2011-4858 description for information about the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties. (CVE-2012-0022)
Red Hat would like to thank oCERT for reporting CVE-2011-4858. oCERT acknowledges Julian Wälde and Alexander Klink as the original reporters of CVE-2011-4858.
Users of Tomcat should upgrade to these updated packages, which correct these issues. Tomcat must be restarted for this update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
750521 - CVE-2011-4858 tomcat: hash table collisions CPU usage DoS (oCERT-2011-003) 783359 - CVE-2012-0022 tomcat: large number of parameters DoS
- Package List:
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/tomcat6-6.0.24-36.el6_2.src.rpm
noarch: tomcat6-6.0.24-36.el6_2.noarch.rpm tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm tomcat6-lib-6.0.24-36.el6_2.noarch.rpm tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/tomcat6-6.0.24-36.el6_2.src.rpm
noarch: tomcat6-6.0.24-36.el6_2.noarch.rpm tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm tomcat6-lib-6.0.24-36.el6_2.noarch.rpm tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/tomcat6-6.0.24-36.el6_2.src.rpm
noarch: tomcat6-6.0.24-36.el6_2.noarch.rpm tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm tomcat6-lib-6.0.24-36.el6_2.noarch.rpm tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/tomcat6-6.0.24-36.el6_2.src.rpm
noarch: tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/tomcat6-6.0.24-36.el6_2.src.rpm
noarch: tomcat6-6.0.24-36.el6_2.noarch.rpm tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm tomcat6-lib-6.0.24-36.el6_2.noarch.rpm tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/tomcat6-6.0.24-36.el6_2.src.rpm
noarch: tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-4858.html https://www.redhat.com/security/data/cve/CVE-2012-0022.html https://access.redhat.com/security/updates/classification/#moderate http://tomcat.apache.org/security-6.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFPhcuMXlSAg2UNWIIRAmgcAKCvoGLuPZCqAHY7u1xm60u7il7bEACfQGBI 8HSOguJdUvIJBrIr8kyWHpc= =1ReJ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Release Date: 2012-02-06 Last Updated: 2012-02-06
Potential Security Impact: Remote Denial of Service (DoS), access restriction bypass
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX Apache Running Tomcat Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to perform an access restriction bypass.
References: CVE-2006-7243, CVE-2011-4858, CVE-2011-4885, CVE-2012-0022
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.23, B.11.31 running HP-UX Apache Web Server Suite v3.21 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2006-7243 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2011-4858 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-4885 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0022 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following software updates to resolve the vulnerability. The updates are available for download from ftp://srt10728:Secure12@ftp.usa.hp.com
Note: HP-UX Web Server Suite v3.22 contains HP-UX Tomcat-based Servlet Engine v5.5.35.01
Web Server Suite Version Apache Depot Name
HP-UX Web Server Suite v.3.22 HP-UX B.11.23 HPUXWS22ATW-B322-64.depot
HP-UX B.11.23 HPUXWS22ATW-B322-32.depot
HP-UX B.11.31 HPUXWS22ATW-B322-64.depot
HP-UX B.11.31 HPUXWS22ATW-B322-32.depot
MANUAL ACTIONS: Yes - Update Install HP-UX Web Server Suite v3.22 or subsequent.
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX Web Server Suite
HP-UX B.11.23 HP-UX B.11.31 ================== hpuxws22TOMCAT.TOMCAT action: install revision B.5.5.35.01 or subsequent
hpuxws22APCH32.APACHE hpuxws22APCH32.APACHE2 hpuxws22APCH32.AUTH_LDAP hpuxws22APCH32.AUTH_LDAP2 hpuxws22APCH32.MOD_JK hpuxws22APCH32.MOD_JK2 hpuxws22APCH32.MOD_PERL hpuxws22APCH32.MOD_PERL2 hpuxws22APCH32.PHP hpuxws22APCH32.PHP2 hpuxws22APCH32.WEBPROXY action: install revision B.2.2.15.11 or subsequent
END AFFECTED VERSION
HISTORY Version:1 (rev.1) - 06 February 2012 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Relevant releases/architectures:
JBoss Enterprise Application Platform 5 for RHEL 4 AS - noarch JBoss Enterprise Application Platform 5 for RHEL 4 ES - noarch JBoss Enterprise Application Platform 5 for RHEL 5 Server - noarch JBoss Enterprise Application Platform 5 for RHEL 6 Server - noarch
A flaw was found in the way JBoss Web handled UTF-8 surrogate pair characters. If JBoss Web was hosting an application with UTF-8 character encoding enabled, or that included user-supplied UTF-8 strings in a response, a remote attacker could use this flaw to cause a denial of service (infinite loop) on the JBoss Web server. (CVE-2012-0022)
Multiple flaws were found in the way JBoss Web handled HTTP DIGEST authentication. These flaws weakened the JBoss Web HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks. (CVE-2011-1184, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064)
A flaw was found in the way JBoss Web handled sendfile request attributes when using the HTTP APR (Apache Portable Runtime) or NIO (Non-Blocking I/O) connector. A malicious web application running on a JBoss Web instance could use this flaw to bypass security manager restrictions and gain access to files it would otherwise be unable to access, or possibly terminate the Java Virtual Machine (JVM).
Warning: Before applying this update, back up your JBoss Enterprise Application Platform's "jboss-as/server/[PROFILE]/deploy/" directory, along with all other customized configuration files. ============================================================================ Ubuntu Security Notice USN-1359-1 February 13, 2012
tomcat6 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
Summary:
Tomcat could be made to crash or expose sensitive information if it received specially crafted network traffic.
Software Description: - tomcat6: Servlet and JSP engine
Details:
It was discovered that Tomcat incorrectly performed certain caching and recycling operations. A remote attacker could use this flaw to obtain read access to IP address and HTTP header information in certain cases. This issue only applied to Ubuntu 11.10. (CVE-2011-4858)
It was discovered that Tomcat incorrectly handled parameters. (CVE-2012-0022)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.10: libtomcat6-java 6.0.32-5ubuntu1.2
Ubuntu 11.04: libtomcat6-java 6.0.28-10ubuntu2.3
Ubuntu 10.10: libtomcat6-java 6.0.28-2ubuntu1.6
Ubuntu 10.04 LTS: libtomcat6-java 6.0.24-2ubuntu1.10
In general, a standard system update will make all the necessary changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201201-0259", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "cosminexus application server enterprise 06-50-/a", "scope": null, "trust": 2.1, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-00-/a", "scope": null, "trust": 2.1, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-50-/b", "scope": null, "trust": 2.1, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise 06-70-/b", "scope": null, "trust": 2.1, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-50-/a", "scope": null, "trust": 2.1, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise 06-70-/c", "scope": null, "trust": 2.1, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-70-/b", "scope": null, "trust": 2.1, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-70-/c", "scope": null, "trust": 2.1, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-50-/b", "scope": null, "trust": 2.1, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-00-/a", "scope": null, "trust": 2.1, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 1.9, "vendor": "apache", "version": "6.0.4" }, { "model": "tomcat", "scope": "eq", "trust": 1.9, "vendor": "apache", "version": "6.0.6" }, { "model": "tomcat", "scope": "eq", "trust": 1.9, "vendor": "apache", "version": "6.0.2" }, { "model": "tomcat", "scope": "eq", "trust": 1.9, "vendor": "apache", "version": "6.0.7" }, { "model": "tomcat", "scope": "eq", "trust": 1.9, "vendor": "apache", "version": "6.0.8" }, { "model": "tomcat", "scope": "eq", "trust": 1.9, "vendor": "apache", "version": "6.0.3" }, { "model": "tomcat", "scope": "eq", "trust": 1.9, "vendor": "apache", "version": "6.0.5" }, { "model": "tomcat", "scope": "eq", "trust": 1.9, "vendor": "apache", "version": "6.0.1" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 1.8, "vendor": "hitachi", "version": "08-00-01" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 1.8, "vendor": "hitachi", "version": "08-00-01" }, { "model": "cosminexus application server standard 06-50-/c", "scope": null, "trust": 1.8, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 1.8, "vendor": "hitachi", "version": "08-00-01" }, { "model": "ucosminexus application server standard 06-70-/a", "scope": null, "trust": 1.8, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise 06-70-/f", "scope": null, "trust": 1.8, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-00-/b", "scope": null, "trust": 1.8, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 1.8, "vendor": "hitachi", "version": "08-00-01" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 1.8, "vendor": "hitachi", "version": "07-10" }, { "model": "cosminexus application server standard 06-00-/b", "scope": null, "trust": 1.8, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 1.8, "vendor": "hitachi", "version": "08-00-01" }, { "model": "cosminexus application server enterprise 06-50-/c", "scope": null, "trust": 1.8, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise 06-70-/a", "scope": null, "trust": 1.8, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-70-/f", "scope": null, "trust": 1.8, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 1.8, "vendor": "hitachi", "version": "08-00-01" }, { "model": "tomcat", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "5.5.35" }, { "model": "tomcat", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "6.0.0" }, { "model": "cosminexus application server standard", "scope": "eq", "trust": 1.5, "vendor": "hitachi", "version": "06-50" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 1.5, "vendor": "hitachi", "version": "07-10" }, { "model": "ucosminexus application server standard 06-70-/d", "scope": null, "trust": 1.5, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-70-/g", "scope": null, "trust": 1.5, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 1.5, "vendor": "hitachi", "version": "06-70" }, { "model": "cosminexus application server enterprise 06-00-/c", "scope": null, "trust": 1.5, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-00-/e", "scope": null, "trust": 1.5, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise", "scope": "eq", "trust": 1.5, "vendor": "hitachi", "version": "06-00" }, { "model": "ucosminexus application server standard 06-70-/e", "scope": null, "trust": 1.5, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-00-/d", "scope": null, "trust": 1.5, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-50-/e", "scope": null, "trust": 1.5, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-00-/e", "scope": null, "trust": 1.5, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-50-/e", "scope": null, "trust": 1.5, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard", "scope": "eq", "trust": 1.5, "vendor": "hitachi", "version": "06-00" }, { "model": "ucosminexus application server enterprise 06-70-/e", "scope": null, "trust": 1.5, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-00-/c", "scope": null, "trust": 1.5, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 1.5, "vendor": "hitachi", "version": "06-70" }, { "model": "cosminexus application server enterprise", "scope": "eq", "trust": 1.5, "vendor": "hitachi", "version": "06-50" }, { "model": "ucosminexus application server enterprise 06-70-/d", "scope": null, "trust": 1.5, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-00-/d", "scope": null, "trust": 1.5, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.11" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.17" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.5" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.18" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.3" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.15" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.1" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.25" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.8" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.29" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.20" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.15" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.27" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.12" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.19" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.30" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.16" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.31" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.20" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.13" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.26" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.18" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.2" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.22" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.12" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.16" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.4" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.13" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.19" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.17" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.14" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.7" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.24" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.10" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.9" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.32" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.10" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.28" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.9" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.21" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.14" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.33" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "7.0.6" }, { "model": "tomcat", "scope": "eq", "trust": 1.3, "vendor": "apache", "version": "6.0.11" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "07-00" }, { "model": "cosminexus application server 05-05-/i", "scope": null, "trust": 1.2, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "05-05" }, { "model": "cosminexus application server 05-05-/d", "scope": null, "trust": 1.2, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-05-/h", "scope": null, "trust": 1.2, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "07-00-06" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "07-60" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "07-00-06" }, { "model": "ucosminexus application server enterprise 06-70-/g", "scope": null, "trust": 1.2, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "07-00-06" }, { "model": "cosminexus application server 05-05-/f", "scope": null, "trust": 1.2, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-50-/d", "scope": null, "trust": 1.2, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "08-00" }, { "model": "cosminexus application server 05-05-/a", "scope": null, "trust": 1.2, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "07-00-12" }, { "model": "cosminexus application server 05-05-/e", "scope": null, "trust": 1.2, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "07-00-06" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "07-00-06" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "07-60" }, { "model": "cosminexus application server 05-05-/g", "scope": null, "trust": 1.2, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "07-00-06" }, { "model": "cosminexus application server 05-05-/b", "scope": null, "trust": 1.2, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "07-00" }, { "model": "cosminexus application server 05-05-/c", "scope": null, "trust": 1.2, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-50-/d", "scope": null, "trust": 1.2, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "08-00" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 1.2, "vendor": "hitachi", "version": "07-00" }, { "model": "tomcat", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "6.0.23" }, { "model": "tomcat", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "6.0.21" }, { "model": "tomcat", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "7.0.0" }, { "model": "tomcat", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "6.0.22" }, { "model": "tomcat", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "6.0.34" }, { "model": "cosminexus application server enterprise )", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "06-00" }, { "model": "ucosminexus application server enterprise 06-71-/b", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-02-/a", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-51-/a", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-10" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-00-03" }, { "model": "cosminexus application server enterprise 06-02-/d", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-60" }, { "model": "cosminexus application server enterprise 06-02-/c", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "08-00" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-50-01" }, { "model": "cosminexus application server standard )", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "06-00" }, { "model": "cosminexus application server enterprise 06-50-/f", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-51-/a", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise 06-71-/c", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-50" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-10" }, { "model": "cosminexus application server standard 06-02-/d", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-02-/a", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard )", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "06-70" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-00-03" }, { "model": "cosminexus application server standard 06-02-/c", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "05-00" }, { "model": "cosminexus application server standard 06-02-/b", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-50-/f", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-02-/b", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-10-06" }, { "model": "cosminexus application server 05-05-/m", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-00-01" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-50" }, { "model": "ucosminexus application server enterprise )", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "06-70" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-10-01" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-50" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-00-03" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-00-03" }, { "model": "cosminexus application server standard 06-51-/b", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-50-01" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.9, "vendor": "hitachi", "version": "07-00-01" }, { "model": "cosminexus application server enterprise 06-51-/b", "scope": null, "trust": 0.9, "vendor": "hitachi", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "apache tomcat", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "microsoft", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "oracle", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "ruby", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "the php group", "version": null }, { "model": "interstage list works", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage service integrator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "cosminexus studio", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "version 5" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "st ard" }, { "model": "systemwalker software configuration manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker it change manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "cosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "enterprise version 6" }, { "model": "interstage xml business activity recorder", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "st ard-j edition v7.1 to v8.1" }, { "model": "tomcat", "scope": "lt", "trust": 0.8, "vendor": "apache", "version": "7.x" }, { "model": "interstage web server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterprise service bus v6.4 to v8.4" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterprise edition v4.1 to v6.5" }, { "model": "ucosminexus service", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "platform" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "smart edition" }, { "model": "it operations analyzer", "scope": null, "trust": 0.8, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "lt", "trust": 0.8, "vendor": "apache", "version": "6.x" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "professional for plug-in" }, { "model": "cosminexus component container", "scope": null, "trust": 0.8, "vendor": "hitachi", "version": null }, { "model": "systemwalker operation manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker it process master", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "developer v7.1 to v8.1" }, { "model": "interstage application development cycle manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "none" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "portal v8.2 to v8.3" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterprise edition v7.1 to v8.1" }, { "model": "csview", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "/faq navigator v4 v5" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterprise v8.2 to v8.4" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "st ard-r" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "foundation v8.2 to v8.4" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "sip application server st ard edition v7.1 to v8.1" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "development environment v6.1 to v6.5" }, { "model": "systemwalker desktop inspection", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.8, "vendor": "apache", "version": "6.0.35" }, { "model": "websam storage vmware vcenter plug-in", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v1.1" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "web edition v7.1 to v8.1" }, { "model": "success server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "plus developer / apworks / studio" }, { "model": "systemwalker service quality coordinator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "uddi registry v1.1 to v7.1" }, { "model": "systemwalker runbook automation", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "serverview", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "resource orchestrator cloud edition" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "st ard v8.2 to v8.4" }, { "model": "ucosminexus primary server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "base" }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "professional version 6" }, { "model": "interstage list manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "st ard-j edition v4.1 to v6.5" }, { "model": "cosminexus primary server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "base" }, { "model": "interstage business application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "infoframe documentskipper", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v4.1" }, { "model": "infocage", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "pc security v1.44 before" }, { "model": "ucosminexus service", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "architect" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "st ard edition v4.1 to v6.5" }, { "model": "internet navigware server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "version 5" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "express" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "light" }, { "model": "infoframe documentskipper", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v3.2" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "enterprise" }, { "model": "websam securemaster", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterpriseidentitymanager ver4.1 all versions up to" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "01" }, { "model": "interstage application framework suite", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker availability view", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage shunsaku data manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "cosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "version 5" }, { "model": "interstage form coordinator workflow", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker service catalog manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "web edition v4.1 to v6.5" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "st ard edition v7.1 to v8.1" }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "st ard version 6" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "light" }, { "model": "websam securemaster", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterpriseaccessmanager ver5.0 to ver6.1" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "st ard" }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "light version 6" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "express v8.2 to v8.4" }, { "model": "tomcat", "scope": "eq", "trust": 0.8, "vendor": "apache", "version": "7.0.23" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "professional" }, { "model": "cosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "st ard version 6" }, { "model": "garoon", "scope": "eq", "trust": 0.8, "vendor": "cybozu", "version": "2.0.0 to 3.1" }, { "model": "ucosminexus service", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "platform - messaging" }, { "model": "infoframe documentskipper", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v5.1" }, { "model": "interstage job workload server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "ucosminexus application server enterprise 06-71-/d", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-71-/b", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-03-02" }, { "model": "ucosminexus application server enterprise )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-60" }, { "model": "ucosminexus application server standard )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-10" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "02-00" }, { "model": "cosminexus application server enterprise )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "06-51" }, { "model": "cosminexus application server 05-00-/i", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-72-/b", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-00-02" }, { "model": "ucosminexus application server enterprise 06-70-/n", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-53" }, { "model": "cosminexus application server enterprise 06-00-/f", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-00-02" }, { "model": "ucosminexus application server standard )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-50" }, { "model": "ucosminexus application server 06-70-/c", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-00-/a", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-00" }, { "model": "ucosminexus application server standard 06-71-/g", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise 06-71-/h", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-71-/c", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-71-/a", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-10" }, { "model": "cosminexus application server 05-05-/l", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "06-51" }, { "model": "cosminexus application server 05-00-/b", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-71-/h", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server 06-71-/d", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-00-09" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-00-09" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-00-10" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-53" }, { "model": "ucosminexus application server standard )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-00" }, { "model": "ucosminexus application server 06-70-/d", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-05-/j", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-51-/e", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-03-02" }, { "model": "cosminexus application server standard", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "06-51" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-00-02" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-00-02" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-10-01" }, { "model": "cosminexus application server 05-00-/c", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-00-09" }, { "model": "ucosminexus application server standard 06-70-/n", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-72-/d", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-51-/d", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-00-10" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "06-71" }, { "model": "ucosminexus application server enterprise 06-71-/g", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-00-10" }, { "model": "cosminexus application server standard", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "06-02" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-00-01" }, { "model": "ucosminexus service platform )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-00" }, { "model": "cosminexus application server enterprise 06-51-/c", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-70-/h", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-53" }, { "model": "cosminexus application server enterprise", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "06-02" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-10-08" }, { "model": "cosminexus application server standard 06-00-/i", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-03-02" }, { "model": "cosminexus application server standard 06-51-/c", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-00-/h", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-00-/g", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-50" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-00-09" }, { "model": "cosminexus application server enterprise 06-51-/d", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "06-71" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-03-02" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-00-02" }, { "model": "cosminexus application server standard 06-02-/f", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-05-/o", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-02-/e", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-00-10" }, { "model": "ucosminexus application server enterprise )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-50" }, { "model": "ucosminexus application server standard 06-71-/d", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-10-01" }, { "model": "cosminexus application server enterprise", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "06-51" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-03-02" }, { "model": "cosminexus application server enterprise 06-02-/f", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-00" }, { "model": "ucosminexus application server enterprise 06-70-/b )", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-60" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-10-06" }, { "model": "ucosminexus application server enterprise 06-71-/a", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-00-/h", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-00-/g", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-00-/f", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-03-02" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-00-09" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "08-00-02" }, { "model": "cosminexus application server enterprise 06-00-/i", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-00-09" }, { "model": "ucosminexus application server )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-10" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "07-00-10" }, { "model": "cosminexus application server enterprise )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "06-50" }, { "model": "cosminexus application server standard )", "scope": "eq", "trust": 0.6, "vendor": "hitachi", "version": "06-50" }, { "model": "cosminexus application server standard 06-02-/e", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-05-/k", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-51-/e", "scope": null, "trust": 0.6, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-02-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 06-51-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-00-/m", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard )", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "cosminexus developer light 06-50-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.2" }, { "model": "cosminexus application server 05-02-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise 06-72-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.10" }, { "model": "network node manager i spi", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.0" }, { "model": "ucosminexus developer professional 06-70-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20-02" }, { "model": "cosminexus developer light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-02" }, { "model": "cosminexus developer 05-05-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "ucosminexus developer standard 06-70-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-00-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer 05-05-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.19" }, { "model": "ucosminexus application server enterprise 06-70-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-50-/c (solari", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-00-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-02-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-03-03" }, { "model": "cosminexus developer light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-50" }, { "model": "cosminexus developer standard 06-51-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.1" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "cosminexus application server enterprise 06-02-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-00-/r", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-01" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-72" }, { "model": "cosminexus developer professional 06-51-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tivoli foundations for application manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1" }, { "model": "cosminexus application server standard 06-51-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer 05-05-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-01-/k", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-50-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard 06-51-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard 06-71-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.14" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-03" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-03" }, { "model": "cosminexus developer light 06-51-/k", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0" }, { "model": "cosminexus primary server base", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "5.0" }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.2" }, { "model": "ucosminexus developer light 06-71-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "cosminexus developer professional 06-00-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-10" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-01" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5" }, { "model": "cosminexus application server enterprise 06-50-c (solaris", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.10" }, { "model": "tivoli key lifecycle manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0" }, { "model": "cosminexus application server standard 06-51-/k", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-02" }, { "model": "tomcat", "scope": "ne", "trust": 0.3, "vendor": "apache", "version": "7.0.23" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "7" }, { "model": "cosminexus developer standard 06-00-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard 06-02-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "08-50" }, { "model": "cosminexus developer professional 06-00-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "6.7" }, { "model": "cosminexus developer light 06-02-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.18" }, { "model": "ucosminexus developer standard 06-70-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "cosminexus developer professional 06-51-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise )", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00" }, { "model": "cosminexus application server standard 06-51-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer 05-05-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional 06-70-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise )", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "08-20" }, { "model": "enterprise linux hpc node optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20" }, { "model": "cosminexus developer professional 06-00-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.22" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-02" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-01" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "08-00" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.23" }, { "model": "cosminexus developer professional 06-00-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.1" }, { "model": "cosminexus developer light 06-00-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-02-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer 05-05-/o", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10-06" }, { "model": "cosminexus developer professional 06-02-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-50-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "ucosminexus developer professional 06-70-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-60" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.10" }, { "model": "ucosminexus developer standard 06-71-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-03" }, { "model": "ucosminexus developer 06-70-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-51-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-00-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-50-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-51-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform )", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10" }, { "model": "ucosminexus developer light 06-70-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer 05-01-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50" }, { "model": "cosminexus developer 05-01-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-51-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-60" }, { "model": "cosminexus developer light 06-51-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-05" }, { "model": "cosminexus application server enterprise 06-51-/k", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.14" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.30" }, { "model": "cosminexus developer 05-01-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus primary server base", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "6.0" }, { "model": "ucosminexus application server enterprise )", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "09-80" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "tivoli netcool/omnibus web gui", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.4" }, { "model": "cosminexus developer light 06-51-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-70-/p", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer 05-01-/k", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50" }, { "model": "cosminexus developer professional 06-00-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-51-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-02" }, { "model": "ucosminexus application server smart edition", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.2" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.13" }, { "model": "ucosminexus application server enterpris", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-10" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "6.0" }, { "model": "ucosminexus application server enterprise 06-70-/a (windows(ip", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-02" }, { "model": "ucosminexus developer light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "6.7" }, { "model": "jboss enterprise application platform for rhel 4as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "hp-ux web server suite", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.21" }, { "model": "it operations analyzer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "03-01-01" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "7" }, { "model": "cosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-50" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20-01" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "08-53" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.8" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20-01" }, { "model": "cosminexus application server 05-01-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-51-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer light 06-71-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "6.7" }, { "model": "cosminexus developer light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-51" }, { "model": "cosminexus developer light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-00" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50" }, { "model": "geronimo", "scope": "ne", "trust": 0.3, "vendor": "apache", "version": "2.1.8" }, { "model": "cosminexus developer 05-05-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "08-53" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-05" }, { "model": "tomcat beta", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "7.0" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20-01" }, { "model": "cosminexus developer professional 06-50-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00" }, { "model": "cosminexus studio 05-00-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-00-/l", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional 06-71-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-09" }, { "model": "network node manager i spi", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.10" }, { "model": "tivoli dynamic workload console", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.6.0.1" }, { "model": "ucosminexus developer professional 06-71-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-02" }, { "model": "hp-ux web server suite", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.14" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10" }, { "model": "it operations analyzer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "03-01" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10-01" }, { "model": "infosphere guardium", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00" }, { "model": "cosminexus developer standard 06-50-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-05" }, { "model": "cosminexus application server 05-02-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-50" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10" }, { "model": "cosminexus studio 05-01-/l", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise version", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "6" }, { "model": "ucosminexus application server enterprise 06-70-/a linux )", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20-02" }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.5" }, { "model": "ucosminexus developer professional 06-70-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.4" }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.2" }, { "model": "ucosminexus application server enterprise 06-71-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server 06-70-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer light 06-71-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional 06-71-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.21" }, { "model": "cosminexus application server standard 06-50-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tivoli netcool/webtop", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "cosminexus application server enterprise 06-51-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-50-/c (hp-ux(", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-70-/l", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-00-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-02-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.2" }, { "model": "cosminexus developer standard 06-50-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-09" }, { "model": "ucosminexus application server enterprise 06-70-/m", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-70-/q", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.3" }, { "model": "cosminexus application server 05-02-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "it operations analyzer", "scope": "ne", "trust": 0.3, "vendor": "hitachi", "version": "3.1.0" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.9" }, { "model": "cosminexus application server 05-01-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.4" }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.1" }, { "model": "cosminexus developer standard 06-51-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard 06-02-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server 06-70-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-50-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise 06-72-/g )", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tivoli integrated portal", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.19" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-71" }, { "model": "tivoli foundations for application manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.6" }, { "model": "jboss enterprise application platform for rhel server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "55" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20-02" }, { "model": "cosminexus developer 05-01-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-05" }, { "model": "cosminexus developer light 06-51-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "hp-ux web server suite", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.13" }, { "model": "cosminexus developer 05-01-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard )", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "08-20" }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.0" }, { "model": "jboss communications platform", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5.1.2" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "8" }, { "model": "cosminexus developer standard 06-00-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.5" }, { "model": "cosminexus developer 05-05-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-00-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-51-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus studio 05-05-/q", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-00-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-00-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-00-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional for plug-in", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "ucosminexus application server standard hp-ux", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10-01" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.1" }, { "model": "cosminexus application server 05-00-/p", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer 05-05-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "05-01" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.5" }, { "model": "tivoli netcool performance manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.2" }, { "model": "ucosminexus application server standard 06-70-/a (windows(ip", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-02-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-02" }, { "model": "cosminexus developer 05-05-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-51" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-01" }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.0.1" }, { "model": "cosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-00" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "cosminexus application server standard 06-51-/l", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer light 06-71-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard 06-50-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.3" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.31" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-02" }, { "model": "cosminexus developer light 06-50-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.30" }, { "model": "ucosminexus application server enterprise 06-70-/q", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-02-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-71" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-01" }, { "model": "cognos business intelligence", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-10" }, { "model": "ucosminexus developer standard 06-71-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "jboss communications platform", "scope": "ne", "trust": 0.3, "vendor": "redhat", "version": "5.1.3" }, { "model": "hp-ux b.11.31", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "cosminexus developer professional 06-51-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-02-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.4" }, { "model": "cosminexus developer light 06-00-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-01-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-01-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-51" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.17" }, { "model": "cosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-00" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-02" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-12" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10-08" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-03" }, { "model": "ucosminexus developer professional 06-71-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50" }, { "model": "ucosminexus developer professional 06-71-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "enterprise linux desktop optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "it operations analyzer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "02-51" }, { "model": "ucosminexus developer standard 06-70-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "8" }, { "model": "ucosminexus developer professional 06-70-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tivoli netcool performance manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.1" }, { "model": "ucosminexus developer light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "6" }, { "model": "cosminexus developer 05-05-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "it operations analyzer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "02-53-02" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-10" }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "cosminexus application server standard 06-51-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-72(*1)" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.1" }, { "model": "hp-ux web server suite", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.12" }, { "model": "cosminexus developer standard 06-50-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-50-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server 06-70-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "cosminexus developer professional 06-51-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "6" }, { "model": "ucosminexus application server standard 06-70-/m", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-00-/s", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "8" }, { "model": "ucosminexus application server enterprise 06-72-/b )", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-02" }, { "model": "cosminexus developer light 06-50-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer 05-05-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise 06-70-/o", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer 05-01-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-02-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard 06-00-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer 05-05-/l", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tivoli dynamic workload console", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.6.0.0" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20-01" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "ucosminexus application server standard (solaris(sparc", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "08-00" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "network node manager i", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.11" }, { "model": "cosminexus developer standard 06-51-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.10" }, { "model": "cosminexus developer light 06-02-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-02-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-03-03" }, { "model": "jboss enterprise web server for rhel server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "51.0" }, { "model": "tivoli dynamic workload console", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "8.6.0.2" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20-01" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.12" }, { "model": "cosminexus application server 05-01-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10-01" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-02" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20" }, { "model": "tomcat", "scope": "ne", "trust": 0.3, "vendor": "apache", "version": "6.0.35" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.27" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "08-50" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "ucosminexus application server standard 06-71-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-51-/l", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-70" }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "7" }, { "model": "application manager for smart business", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.1" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-03-03" }, { "model": "ucosminexus application server standard 06-70-/k", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "security siteprotector system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.9" }, { "model": "ucosminexus developer standard 06-71-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-51-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tivoli integrated portal", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "2.2.0.9" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-60" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "cosminexus studio 05-05-/p", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "enterprise linux desktop client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "jboss operations network", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.4.1" }, { "model": "it operations analyzer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "02-51-01" }, { "model": "ucosminexus developer 06-71-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.16" }, { "model": "cosminexus developer light 06-51-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.19" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20-02" }, { "model": "ucosminexus application server enterprise hp-ux )", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00" }, { "model": "cosminexus developer professional 06-51-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-01-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "jboss enterprise application platform for rhel 4es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "ucosminexus developer light 06-70-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer light 06-70-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "ucosminexus application server enterprise hp-ux )", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10" }, { "model": "ucosminexus developer light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "8" }, { "model": "tivoli key lifecycle manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0.1" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-01" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.11" }, { "model": "cosminexus developer light 06-02-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-02-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "aura system manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "cosminexus developer 05-01-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard 06-00-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-51-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer 05-01-/l", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "8" }, { "model": "cosminexus developer 05-05-/q", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise 06-71-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00" }, { "model": "it operations analyzer", "scope": "ne", "trust": 0.3, "vendor": "hitachi", "version": "03-01-02" }, { "model": "cosminexus application server 05-01-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-01" }, { "model": "cosminexus developer standard 06-51-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-50-/c (hp-ux(", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20-01" }, { "model": "hp-ux web server suite", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.17" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5" }, { "model": "cosminexus application server 05-00-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard 06-51-/l", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "08-53" }, { "model": "ucosminexus developer light 06-70-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise 06-70-/g )", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "enterprise linux workstation optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "infosphere guardium", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.1" }, { "model": "ucosminexus developer light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-70" }, { "model": "tivoli netcool/omnibus web gui", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3.1" }, { "model": "cosminexus developer professional 06-51-/k", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.12" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.16" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.10" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-72" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.4" }, { "model": "cosminexus developer standard 06-50-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00" }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "05-01" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.9" }, { "model": "ucosminexus application server 06-71-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-00-/q", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "ucosminexus developer light", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "7" }, { "model": "cognos business intelligence", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.4.1" }, { "model": "cosminexus application server enterprise 06-51-/l", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.24" }, { "model": "cosminexus developer professional 06-00-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10" }, { "model": "ucosminexus application server standard 06-70-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "cosminexus studio", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "05-01" }, { "model": "ucosminexus developer light 06-70-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer light 06-71-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "08-50" }, { "model": "ucosminexus developer light 06-70-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "hp-ux web server suite", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "3.22" }, { "model": "cosminexus developer 05-05-/p", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "7" }, { "model": "ucosminexus developer standard 06-70-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "05-05" }, { "model": "cosminexus developer standard 06-00-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard 06-51-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard 06-70-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "enterprise linux server optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "hp-ux web server suite", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.18" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.2" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "cosminexus studio", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "05-05" }, { "model": "cosminexus developer 05-05-/n", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-00-/n", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional 06-71-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-01" }, { "model": "cosminexus developer 05-01-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "08-00" }, { "model": "cosminexus developer standard 06-00-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-72-/g )", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional 06-71-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "ne", "trust": 0.3, "vendor": "apache", "version": "5.5.35" }, { "model": "cosminexus application server 05-00-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "cosminexus developer light 06-51-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-01" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "08-00" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "7.0" }, { "model": "infosphere guardium", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.3" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-10" }, { "model": "cosminexus application server standard 06-50-/g (aix", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard 06-50-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.13" }, { "model": "cosminexus developer standard 06-51-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.11" }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "10" }, { "model": "cosminexus developer standard 06-02-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "network node manager i", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.0" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.8" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-71" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.15" }, { "model": "ucosminexus developer light 06-71-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-72-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise (solaris(sparc", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "08-00" }, { "model": "ucosminexus application server enterprise )", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10-1" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "6.7" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.28" }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-10" }, { "model": "ucosminexus developer professional 06-71-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.34" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.20" }, { "model": "ucosminexus developer standard 06-70-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0" }, { "model": "cosminexus developer standard 06-00-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard 06-02-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional 06-70-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "hp-ux web server suite", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.10" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.32" }, { "model": "ucosminexus developer standard 06-71-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise 06-72-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-02" }, { "model": "ucosminexus developer standard 06-71-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.6" }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.7" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "cosminexus developer professional 06-02-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server express", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "09-70" }, { "model": "hp-ux web server suite", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.15" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.7" }, { "model": "cosminexus developer standard 06-51-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-72(*1)" }, { "model": "ucosminexus application server enterprise 06-70-/l", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-51-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-01-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-02" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20" }, { "model": "ucosminexus developer light 06-71-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-00-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tivoli key lifecycle manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0" }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.6" }, { "model": "cosminexus developer professional 06-02-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-50-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "it operations analyzer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "02-53-01" }, { "model": "ucosminexus application server enterprise 06-70-/p", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-51-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "jboss enterprise application platform for rhel server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "65" }, { "model": "cosminexus application server 05-02-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "network node manager i spi", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.11" }, { "model": "cosminexus developer professional 06-51-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-70-/o", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard 06-72-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-02" }, { "model": "cosminexus developer standard 06-51-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform messaging", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "-0" }, { "model": "it operations analyzer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "02-53" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10-01" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-12" }, { "model": "ucosminexus application server )", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00" }, { "model": "jboss operations network", "scope": "ne", "trust": 0.3, "vendor": "redhat", "version": "2.4.2" }, { "model": "ucosminexus developer standard 06-71-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard 06-51-/k", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise )", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-02" }, { "model": "cosminexus developer 05-00-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-00-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-10" }, { "model": "cosminexus developer professional 06-51-/l", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tivoli netcool performance manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10-01" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.10" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20" }, { "model": "ucosminexus application server 06-70-/d (windows", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterpris", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-09" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-05" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.7" }, { "model": "cosminexus application server 05-00-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus developer standard 06-71-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.26" }, { "model": "ucosminexus application server standard 06-70-/b )", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer 05-05-/m", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.31" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-09" }, { "model": "ucosminexus application server enterprise 06-72-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-05" }, { "model": "cosminexus application server standard 06-50-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "hp-ux web server suite", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.22" }, { "model": "ucosminexus application server enterprise 06-71-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.1" }, { "model": "ucosminexus application server standard 06-71-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-03-03" }, { "model": "cosminexus developer standard 06-00-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-51-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20-01" }, { "model": "ucosminexus application server enterprise hp-ux", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10-01" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-09" }, { "model": "cognos business intelligence", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1.1" }, { "model": "ucosminexus application server standard 06-71-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-09" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.3" }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "05-00" }, { "model": "cosminexus developer professional 06-50-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-00-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer standard 06-51-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.33" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-00-10" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20-02" }, { "model": "cosminexus application server standard 06-51-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus studio", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "05-00" }, { "model": "cosminexus developer standard 06-00-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-51-/b (linux(", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-03-03" }, { "model": "ucosminexus application server standard 06-72-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-50-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-01-/i", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 06-50-/g", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cognos business intelligence", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2" }, { "model": "cosminexus application server standard )", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-02" }, { "model": "ucosminexus developer professional", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20-02" }, { "model": "cosminexus application server 05-00-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-50-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.15" }, { "model": "cosminexus application server 05-01-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10-01" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.10" }, { "model": "cosminexus application server 05-01-/l", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.25" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "ucosminexus application server standard 06-70-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "05-02" }, { "model": "cosminexus application server 05-00-/o", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-00-/h", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "jboss enterprise web server for rhel", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "61.0" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-20-01" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "6.7" }, { "model": "ucosminexus service architect", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-03-03" }, { "model": "ucosminexus developer light 06-71-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-51-/j", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-50-/b )", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server standard 06-51-/b (linux(", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tivoli netcool/omnibus web gui", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3" }, { "model": "cosminexus application server 05-05-/n", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "ucosminexus service platform", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "0" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-10" }, { "model": "ucosminexus developer standard", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "06-70" }, { "model": "cosminexus developer standard 06-02-/a", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-05-/p", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer professional 06-51-/b", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server enterprise 06-51-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus application server 05-00-/k", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer 05-05-/k", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer light 06-50-/d", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.29" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "ucosminexus application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "07-50-09" }, { "model": "cosminexus developer 05-01-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "cosminexus developer 05-01-/e", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "enterprise linux desktop workstation client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "infosphere guardium", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "cosminexus developer standard 06-02-/c", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.0.28" }, { "model": "tomcat", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "5.5.10" }, { "model": "geronimo", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.1.1" }, { "model": "it operations analyzer", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "02-01" }, { "model": "cosminexus developer standard 06-02-/f", "scope": null, "trust": 0.3, "vendor": "hitachi", "version": null } ], "sources": [ { "db": "CERT/CC", "id": "VU#903934" }, { "db": "BID", "id": "51200" }, { "db": "JVNDB", "id": "JVNDB-2012-001003" }, { "db": "CNNVD", "id": "CNNVD-201201-056" }, { "db": "NVD", "id": "CVE-2011-4858" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.34:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2011-4858" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "109328" }, { "db": "PACKETSTORM", "id": "111783" }, { "db": "PACKETSTORM", "id": "109271" }, { "db": "PACKETSTORM", "id": "110084" }, { "db": "PACKETSTORM", "id": "109272" } ], "trust": 0.5 }, "cve": "CVE-2011-4858", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2011-4858", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2011-4858", "trust": 1.8, "value": "MEDIUM" }, { "author": "CARNEGIE MELLON", "id": "VU#903934", "trust": 0.8, "value": "10.80" }, { "author": "CNNVD", "id": "CNNVD-201201-056", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2011-4858", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CERT/CC", "id": "VU#903934" }, { "db": "VULMON", "id": "CVE-2011-4858" }, { "db": "JVNDB", "id": "JVNDB-2012-001003" }, { "db": "CNNVD", "id": "CNNVD-201201-056" }, { "db": "NVD", "id": "CVE-2011-4858" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. Some programming language implementations do not sufficiently randomize their hash functions or provide means to limit key collision attacks, which can be leveraged by an unauthenticated attacker to cause a denial-of-service (DoS) condition. Apache Tomcat Calculates the hash value of the form parameter without restricting the assumption of hash collision. (CPU Resource consumption ) There is a vulnerability that becomes a condition.A third party can send a large amount of crafted parameters to disrupt service operation. (CPU Resource consumption ) There is a possibility of being put into a state. Apache Tomcat is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue by sending specially crafted forms in HTTP POST requests. ----------------------------------------------------------------------\n\nSecunia is hiring!\n\nFind your next job here:\n\nhttp://secunia.com/company/jobs/\n\n----------------------------------------------------------------------\n\nTITLE:\nHitachi COBOL2002 Products Unspecified Vulnerability\n\nSECUNIA ADVISORY ID:\nSA47643\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47643/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47643\n\nRELEASE DATE:\n2012-01-20\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47643/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47643/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47643\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nHitachi has reported a vulnerability in some COBOL2002 products,\nwhich can be exploited by malicious users to compromise a vulnerable\nsystem. \n\nSOLUTION:\nUpgrade to version 02-01-/D. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-002/index.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201206-24\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Apache Tomcat: Multiple vulnerabilities\n Date: June 24, 2012\n Bugs: #272566, #273662, #303719, #320963, #329937, #373987,\n #374619, #382043, #386213, #396401, #399227\n ID: 201206-24\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities were found in Apache Tomcat, the worst of\nwhich allowing to read, modify and overwrite arbitrary files. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-servers/tomcat *\u003c 5.5.34 *\u003e= 6.0.35\n *\u003c 6.0.35 \u003e= 7.0.23\n \u003c 7.0.23\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Apache Tomcat. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nThe vulnerabilities allow an attacker to cause a Denial of Service, to\nhijack a session, to bypass authentication, to inject webscript, to\nenumerate valid usernames, to read, modify and overwrite arbitrary\nfiles, to bypass intended access restrictions, to delete work-directory\nfiles, to discover the server\u0027s hostname or IP, to bypass read\npermissions for files or HTTP headers, to read or write files outside\nof the intended working directory, and to obtain sensitive information\nby reading a log file. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache Tomcat 6.0.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/tomcat-6.0.35\"\n\nAll Apache Tomcat 7.0.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/tomcat-7.0.23\"\n\nReferences\n==========\n\n[ 1 ] CVE-2008-5515\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5515\n[ 2 ] CVE-2009-0033\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0033\n[ 3 ] CVE-2009-0580\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0580\n[ 4 ] CVE-2009-0781\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0781\n[ 5 ] CVE-2009-0783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0783\n[ 6 ] CVE-2009-2693\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2693\n[ 7 ] CVE-2009-2901\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2901\n[ 8 ] CVE-2009-2902\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2902\n[ 9 ] CVE-2010-1157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1157\n[ 10 ] CVE-2010-2227\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2227\n[ 11 ] CVE-2010-3718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3718\n[ 12 ] CVE-2010-4172\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4172\n[ 13 ] CVE-2010-4312\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4312\n[ 14 ] CVE-2011-0013\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0013\n[ 15 ] CVE-2011-0534\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0534\n[ 16 ] CVE-2011-1088\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1088\n[ 17 ] CVE-2011-1183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1183\n[ 18 ] CVE-2011-1184\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1184\n[ 19 ] CVE-2011-1419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1419\n[ 20 ] CVE-2011-1475\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1475\n[ 21 ] CVE-2011-1582\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1582\n[ 22 ] CVE-2011-2204\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2204\n[ 23 ] CVE-2011-2481\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2481\n[ 24 ] CVE-2011-2526\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2526\n[ 25 ] CVE-2011-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2729\n[ 26 ] CVE-2011-3190\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3190\n[ 27 ] CVE-2011-3375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3375\n[ 28 ] CVE-2011-4858\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4858\n[ 29 ] CVE-2011-5062\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5062\n[ 30 ] CVE-2011-5063\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5063\n[ 31 ] CVE-2011-5064\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5064\n[ 32 ] CVE-2012-0022\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0022\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201206-24.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Description:\n\nJBoss Operations Network (JBoss ON) is a middleware management solution\nthat provides a single point of control to deploy, manage, and monitor\nJBoss Enterprise Middleware, applications, and services. \n\nThis JBoss ON 2.4.2 release serves as a replacement for JBoss ON 2.4.1,\nand includes several bug fixes. The Release\nNotes will be available shortly from\nhttps://docs.redhat.com/docs/en-US/index.html\n\nThe following security issues are also fixed with this release:\n\nJBoss ON did not properly verify security tokens, allowing an unapproved\nagent to connect as an approved agent. A remote attacker could use this\nflaw to spoof the identity of an approved agent, allowing them to hijack\nthe approved agent\u0027s session and steal its security token. As a result,\nthe attacker could retrieve sensitive data about the server the hijacked\nagent was running on, including JMX credentials. (CVE-2012-0052)\n\nJBoss ON sometimes allowed agent registration to succeed when the\nregistration request did not include a security token. This is a feature\ndesigned to add convenience. A remote attacker could use this flaw to\nspoof the identity of an approved agent and pass a null security token,\nallowing them to hijack the approved agent\u0027s session, and steal its\nsecurity token. As a result, the attacker could retrieve sensitive data\nabout the server the hijacked agent was running on, including JMX\ncredentials. (CVE-2011-4858)\n\nMultiple cross-site scripting (XSS) flaws were found in the JBoss ON\nadministration interface. If a remote attacker could trick a user, who was\nlogged into the JBoss ON administration interface, into visiting a\nspecially-crafted URL, it would lead to arbitrary web script execution in\nthe context of the user\u0027s JBoss ON session. (CVE-2011-3206)\n\nJBoss ON did not verify that a user had the proper modify resource\npermissions when they attempted to delete a plug-in configuration update\nfrom the group connection properties history. This could allow such a user\nto delete a plug-in configuration update from the audit trail. Note that a\nuser without modify resource permissions cannot use this flaw to make\nconfiguration changes. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: tomcat6 security update\nAdvisory ID: RHSA-2012:0475-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-0475.html\nIssue date: 2012-04-11\nCVE Names: CVE-2011-4858 CVE-2012-0022 \n=====================================================================\n\n1. Summary:\n\nUpdated tomcat6 packages that fix two security issues are now available for\nRed Hat Enterprise Linux 6. \n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Optional (v. 6) - noarch\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - noarch\nRed Hat Enterprise Linux Server (v. 6) - noarch\nRed Hat Enterprise Linux Server Optional (v. 6) - noarch\nRed Hat Enterprise Linux Workstation (v. 6) - noarch\nRed Hat Enterprise Linux Workstation Optional (v. 6) - noarch\n\n3. Description:\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies. \n\nIt was found that the Java hashCode() method implementation was susceptible\nto predictable hash collisions. This update introduces a limit on the number of parameters processed\nper request to mitigate this issue. The default limit is 512 for\nparameters and 128 for headers. These defaults can be changed by setting\nthe org.apache.tomcat.util.http.Parameters.MAX_COUNT and\norg.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties. \n(CVE-2011-4858)\n\nIt was found that Tomcat did not handle large numbers of parameters and\nlarge parameter values efficiently. A remote attacker could make Tomcat\nuse an excessive amount of CPU time by sending an HTTP request containing a\nlarge number of parameters or large parameter values. This update\nintroduces limits on the number of parameters and headers processed per\nrequest to address this issue. Refer to the CVE-2011-4858 description for\ninformation about the org.apache.tomcat.util.http.Parameters.MAX_COUNT and\norg.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties. \n(CVE-2012-0022) \n\nRed Hat would like to thank oCERT for reporting CVE-2011-4858. oCERT\nacknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\nCVE-2011-4858. \n\nUsers of Tomcat should upgrade to these updated packages, which correct\nthese issues. Tomcat must be restarted for this update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n750521 - CVE-2011-4858 tomcat: hash table collisions CPU usage DoS (oCERT-2011-003)\n783359 - CVE-2012-0022 tomcat: large number of parameters DoS\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/tomcat6-6.0.24-36.el6_2.src.rpm\n\nnoarch:\ntomcat6-6.0.24-36.el6_2.noarch.rpm\ntomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm\ntomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm\ntomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm\ntomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm\ntomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm\ntomcat6-lib-6.0.24-36.el6_2.noarch.rpm\ntomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm\ntomcat6-webapps-6.0.24-36.el6_2.noarch.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/tomcat6-6.0.24-36.el6_2.src.rpm\n\nnoarch:\ntomcat6-6.0.24-36.el6_2.noarch.rpm\ntomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm\ntomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm\ntomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm\ntomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm\ntomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm\ntomcat6-lib-6.0.24-36.el6_2.noarch.rpm\ntomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm\ntomcat6-webapps-6.0.24-36.el6_2.noarch.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/tomcat6-6.0.24-36.el6_2.src.rpm\n\nnoarch:\ntomcat6-6.0.24-36.el6_2.noarch.rpm\ntomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm\ntomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm\ntomcat6-lib-6.0.24-36.el6_2.noarch.rpm\ntomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/tomcat6-6.0.24-36.el6_2.src.rpm\n\nnoarch:\ntomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm\ntomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm\ntomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm\ntomcat6-webapps-6.0.24-36.el6_2.noarch.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/tomcat6-6.0.24-36.el6_2.src.rpm\n\nnoarch:\ntomcat6-6.0.24-36.el6_2.noarch.rpm\ntomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm\ntomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm\ntomcat6-lib-6.0.24-36.el6_2.noarch.rpm\ntomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/tomcat6-6.0.24-36.el6_2.src.rpm\n\nnoarch:\ntomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm\ntomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm\ntomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm\ntomcat6-webapps-6.0.24-36.el6_2.noarch.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-4858.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0022.html\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttp://tomcat.apache.org/security-6.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFPhcuMXlSAg2UNWIIRAmgcAKCvoGLuPZCqAHY7u1xm60u7il7bEACfQGBI\n8HSOguJdUvIJBrIr8kyWHpc=\n=1ReJ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nRelease Date: 2012-02-06\nLast Updated: 2012-02-06\n\n ------------------------------------------------------------------------------\n\nPotential Security Impact: Remote Denial of Service (DoS), access restriction bypass\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX Apache Running Tomcat Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to perform an access restriction bypass. \n\nReferences: CVE-2006-7243, CVE-2011-4858, CVE-2011-4885, CVE-2012-0022\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.23, B.11.31 running HP-UX Apache Web Server Suite v3.21 or earlier\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2006-7243 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2011-4858 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2011-4885 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2012-0022 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following software updates to resolve the vulnerability. \nThe updates are available for download from\nftp://srt10728:Secure12@ftp.usa.hp.com\n\nNote: HP-UX Web Server Suite v3.22 contains HP-UX Tomcat-based Servlet Engine v5.5.35.01\n\nWeb Server Suite Version\n Apache Depot Name\n\nHP-UX Web Server Suite v.3.22\nHP-UX B.11.23 HPUXWS22ATW-B322-64.depot\n\nHP-UX B.11.23 HPUXWS22ATW-B322-32.depot\n\nHP-UX B.11.31 HPUXWS22ATW-B322-64.depot\n\nHP-UX B.11.31 HPUXWS22ATW-B322-32.depot\n\nMANUAL ACTIONS: Yes - Update\nInstall HP-UX Web Server Suite v3.22 or subsequent. \n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX Web Server Suite\n\nHP-UX B.11.23\nHP-UX B.11.31\n==================\nhpuxws22TOMCAT.TOMCAT\naction: install revision B.5.5.35.01 or subsequent\n\nhpuxws22APCH32.APACHE\nhpuxws22APCH32.APACHE2\nhpuxws22APCH32.AUTH_LDAP\nhpuxws22APCH32.AUTH_LDAP2\nhpuxws22APCH32.MOD_JK\nhpuxws22APCH32.MOD_JK2\nhpuxws22APCH32.MOD_PERL\nhpuxws22APCH32.MOD_PERL2\nhpuxws22APCH32.PHP\nhpuxws22APCH32.PHP2\nhpuxws22APCH32.WEBPROXY\naction: install revision B.2.2.15.11 or subsequent\n\nEND AFFECTED VERSION\n\nHISTORY\nVersion:1 (rev.1) - 06 February 2012 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in the title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2012 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Relevant releases/architectures:\n\nJBoss Enterprise Application Platform 5 for RHEL 4 AS - noarch\nJBoss Enterprise Application Platform 5 for RHEL 4 ES - noarch\nJBoss Enterprise Application Platform 5 for RHEL 5 Server - noarch\nJBoss Enterprise Application Platform 5 for RHEL 6 Server - noarch\n\n3. \n\nA flaw was found in the way JBoss Web handled UTF-8 surrogate pair\ncharacters. If JBoss Web was hosting an application with UTF-8 character\nencoding enabled, or that included user-supplied UTF-8 strings in a\nresponse, a remote attacker could use this flaw to cause a denial of\nservice (infinite loop) on the JBoss Web server. \n(CVE-2012-0022)\n\nMultiple flaws were found in the way JBoss Web handled HTTP DIGEST\nauthentication. These flaws weakened the JBoss Web HTTP DIGEST\nauthentication implementation, subjecting it to some of the weaknesses of\nHTTP BASIC authentication, for example, allowing remote attackers to\nperform session replay attacks. (CVE-2011-1184, CVE-2011-5062,\nCVE-2011-5063, CVE-2011-5064)\n\nA flaw was found in the way JBoss Web handled sendfile request attributes\nwhen using the HTTP APR (Apache Portable Runtime) or NIO (Non-Blocking I/O)\nconnector. A malicious web application running on a JBoss Web instance\ncould use this flaw to bypass security manager restrictions and gain access\nto files it would otherwise be unable to access, or possibly terminate the\nJava Virtual Machine (JVM). \n\nWarning: Before applying this update, back up your JBoss Enterprise\nApplication Platform\u0027s \"jboss-as/server/[PROFILE]/deploy/\" directory, along\nwith all other customized configuration files. ============================================================================\nUbuntu Security Notice USN-1359-1\nFebruary 13, 2012\n\ntomcat6 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 11.10\n- Ubuntu 11.04\n- Ubuntu 10.10\n- Ubuntu 10.04 LTS\n\nSummary:\n\nTomcat could be made to crash or expose sensitive information if it\nreceived specially crafted network traffic. \n\nSoftware Description:\n- tomcat6: Servlet and JSP engine\n\nDetails:\n\nIt was discovered that Tomcat incorrectly performed certain caching and\nrecycling operations. A remote attacker could use this flaw to obtain read\naccess to IP address and HTTP header information in certain cases. This\nissue only applied to Ubuntu 11.10. (CVE-2011-4858)\n\nIt was discovered that Tomcat incorrectly handled parameters. (CVE-2012-0022)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 11.10:\n libtomcat6-java 6.0.32-5ubuntu1.2\n\nUbuntu 11.04:\n libtomcat6-java 6.0.28-10ubuntu2.3\n\nUbuntu 10.10:\n libtomcat6-java 6.0.28-2ubuntu1.6\n\nUbuntu 10.04 LTS:\n libtomcat6-java 6.0.24-2ubuntu1.10\n\nIn general, a standard system update will make all the necessary changes", "sources": [ { "db": "NVD", "id": "CVE-2011-4858" }, { "db": "CERT/CC", "id": "VU#903934" }, { "db": "JVNDB", "id": "JVNDB-2012-001003" }, { "db": "BID", "id": "51200" }, { "db": "VULMON", "id": "CVE-2011-4858" }, { "db": "PACKETSTORM", "id": "121037" }, { "db": "PACKETSTORM", "id": "108860" }, { "db": "PACKETSTORM", "id": "114139" }, { "db": "PACKETSTORM", "id": "109328" }, { "db": "PACKETSTORM", "id": "111783" }, { "db": "PACKETSTORM", "id": "109271" }, { "db": "PACKETSTORM", "id": "109542" }, { "db": "PACKETSTORM", "id": "110084" }, { "db": "PACKETSTORM", "id": "109272" }, { "db": "PACKETSTORM", "id": "109724" } ], "trust": 3.6 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=2012", "trust": 0.1, "type": "exploit" } ], "sources": [ { "db": "VULMON", "id": "CVE-2011-4858" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2011-4858", "trust": 3.7 }, { "db": "CERT/CC", "id": "VU#903934", "trust": 3.3 }, { "db": "OCERT", "id": "OCERT-2011-003", "trust": 2.8 }, { "db": "BID", "id": "51200", "trust": 1.4 }, { "db": "SECUNIA", "id": "48791", "trust": 1.1 }, { "db": "SECUNIA", "id": "48790", "trust": 1.1 }, { "db": "SECUNIA", "id": "48549", "trust": 1.1 }, { "db": "SECUNIA", "id": "54971", "trust": 1.1 }, { "db": "SECUNIA", "id": "55115", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2012-001003", "trust": 0.8 }, { "db": "MLIST", "id": "[ANNOUNCE] 20111228 [SECURITY] APACHE TOMCAT AND THE HASHTABLE COLLISION DOS VULNERABILITY", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201201-056", "trust": 0.6 }, { "db": "HITACHI", "id": "HS12-002", "trust": 0.4 }, { "db": "HITACHI", "id": "HS12-019", "trust": 0.3 }, { "db": "SECUNIA", "id": "47643", "trust": 0.2 }, { "db": "EXPLOIT-DB", "id": "2012", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2011-4858", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "121037", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "108860", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "114139", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "109328", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "111783", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "109271", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "109542", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "110084", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "109272", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "109724", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#903934" }, { "db": "VULMON", "id": "CVE-2011-4858" }, { "db": "BID", "id": "51200" }, { "db": "JVNDB", "id": "JVNDB-2012-001003" }, { "db": "PACKETSTORM", "id": "121037" }, { "db": "PACKETSTORM", "id": "108860" }, { "db": "PACKETSTORM", "id": "114139" }, { "db": "PACKETSTORM", "id": "109328" }, { "db": "PACKETSTORM", "id": "111783" }, { "db": "PACKETSTORM", "id": "109271" }, { "db": "PACKETSTORM", "id": "109542" }, { "db": "PACKETSTORM", "id": "110084" }, { "db": "PACKETSTORM", "id": "109272" }, { "db": "PACKETSTORM", "id": "109724" }, { "db": "CNNVD", "id": "CNNVD-201201-056" }, { "db": "NVD", "id": "CVE-2011-4858" } ] }, "id": "VAR-201201-0259", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.26205936 }, "last_update_date": "2024-07-23T19:45:33.833000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Changelog", "trust": 0.8, "url": "http://tomcat.apache.org/tomcat-7.0-doc/changelog.html" }, { "title": "HS12-019", "trust": 0.8, "url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-019/index.html" }, { "title": "HS12-003", "trust": 0.8, "url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-003/index.html" }, { "title": "1626697", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21626697" }, { "title": "4034373", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034373" }, { "title": "NV12-003", "trust": 0.8, "url": "http://www.nec.co.jp/security-info/secinfo/nv12-003.html" }, { "title": "Bug 750521", "trust": 0.8, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=750521" }, { "title": "Multiple vulnerabilities in Oracle Java Web Console - oracle_java", "trust": 0.8, "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_oracle_java" }, { "title": "Multiple vulnerabilities in Oracle Java Web Console - oracle_java1", "trust": 0.8, "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_oracle_java1" }, { "title": "Multiple Denial of Service (DoS) vulnerabilities in Apache Tomcat", "trust": 0.8, "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_dos" }, { "title": "CY12-02-006", "trust": 0.8, "url": "http://cs.cybozu.co.jp/information/20120224up08.php" }, { "title": "interstage_as_201201", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_201201.html" }, { "title": "HS12-019", "trust": 0.8, "url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-019/index.html" }, { "title": "HS12-003", "trust": 0.8, "url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-003/index.html" }, { "title": "\u3010iStorage M\u30b7\u30ea\u30fc\u30ba\u3011WebSAM Storage VMware vCenter Plug-inV1.1\u304c\u4f7f\u7528\u3057\u3066\u3044\u308bApache Tomcat\u8106\u5f31\u6027\u554f\u984c\u306e\u5bfe\u51e6\u306b\u3064\u3044\u3066", "trust": 0.8, "url": "http://www.support.nec.co.jp/view.aspx?id=3140100906" }, { "title": "WebOTX Web\u30b3\u30f3\u30c6\u30ca \u306e\u30cf\u30c3\u30b7\u30e5\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\uff08CVE-2011-4858\uff09\u306b\u3064\u3044\u3066", "trust": 0.8, "url": "https://www.support.nec.co.jp/view.aspx?id=3010100358" }, { "title": "InfoCage PC\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 - \u91cd\u8981\u306a\u304a\u77e5\u3089\u305b", "trust": 0.8, "url": "http://www.nec.co.jp/cced/infocage/info/pc_security_news120329.html" }, { "title": "Red Hat: Moderate: tomcat6 security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120475 - security advisory" }, { "title": "Red Hat: Moderate: tomcat5 security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120474 - security advisory" }, { "title": "Red Hat: Important: jbossweb security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120074 - security advisory" }, { "title": "Red Hat: Important: jbossweb security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120076 - security advisory" }, { "title": "Ubuntu Security Notice: tomcat6 vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1359-1" }, { "title": "Red Hat: Moderate: tomcat5 security and bug fix update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120680 - security advisory" }, { "title": "Red Hat: Moderate: tomcat6 security and bug fix update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120682 - security advisory" }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2011-4084 " } ], "sources": [ { "db": "VULMON", "id": "CVE-2011-4858" }, { "db": "JVNDB", "id": "JVNDB-2012-001003" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-399", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-001003" }, { "db": "NVD", "id": "CVE-2011-4858" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.8, "url": "http://www.ocert.org/advisories/ocert-2011-003.html" }, { "trust": 2.8, "url": "http://www.nruns.com/_downloads/advisory28122011.pdf" }, { "trust": 2.5, "url": "http://www.kb.cert.org/vuls/id/903934" }, { "trust": 1.7, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=750521" }, { "trust": 1.7, "url": "http://tomcat.apache.org/tomcat-7.0-doc/changelog.html" }, { "trust": 1.2, "url": "http://rhn.redhat.com/errata/rhsa-2012-0089.html" }, { "trust": 1.2, "url": "http://rhn.redhat.com/errata/rhsa-2012-0074.html" }, { "trust": 1.2, "url": "http://rhn.redhat.com/errata/rhsa-2012-0075.html" }, { "trust": 1.2, "url": "http://rhn.redhat.com/errata/rhsa-2012-0325.html" }, { "trust": 1.1, "url": "https://github.com/firefart/hashcollision-dos-poc/blob/master/hashtablepoc.py" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=132871655717248\u0026w=2" }, { "trust": 1.1, "url": "http://www.debian.org/security/2012/dsa-2401" }, { "trust": 1.1, "url": "http://secunia.com/advisories/48791" }, { "trust": 1.1, "url": "http://secunia.com/advisories/48790" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2" }, { "trust": 1.1, "url": "http://secunia.com/advisories/54971" }, { "trust": 1.1, "url": "http://secunia.com/advisories/55115" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2012-0406.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2012-0076.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2012-0078.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2012-0077.html" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/51200" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a18886" }, { "trust": 1.1, "url": "http://secunia.com/advisories/48549" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=133294394108746\u0026w=2" }, { "trust": 1.0, "url": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/201112.mbox/%3c4efb9800.5010106@apache.org%3e" }, { "trust": 1.0, "url": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/201112.mbox/%3c4efb9800.5010106%40apache.org%3e" }, { "trust": 0.9, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4858" }, { "trust": 0.8, "url": "http://www.cs.rice.edu/~scrosby/hash/crosbywallach_usenixsec2003.pdf" }, { "trust": 0.8, "url": "http://technet.microsoft.com/en-us/security/bulletin/ms11-100.mspx" }, { "trust": 0.8, "url": "http://blogs.technet.com/b/srd/archive/2011/12/27/more-information-about-the-december-2011-asp-net-vulnerability.aspx" }, { "trust": 0.8, "url": "http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/391606" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4858" }, { "trust": 0.8, "url": "http://www.ipa.go.jp/security/ciadr/vul/20120106-web.html" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu903934" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4858" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0022" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2526" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1184" }, { "trust": 0.5, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.5, "url": "https://www.redhat.com/security/data/cve/cve-2011-4858.html" }, { "trust": 0.5, "url": "http://bugzilla.redhat.com/):" }, { "trust": 0.5, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.4, "url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-002/index.html" }, { "trust": 0.4, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.4, "url": "https://www.redhat.com/security/data/cve/cve-2012-0022.html" }, { "trust": 0.3, "url": "http://tomcat.apache.org/" }, { "trust": 0.3, "url": "http://geronimo.apache.org/21x-security-report.html#2.1.xsecurityreport-218" }, { "trust": 0.3, "url": "http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03231290\u0026ac.admitted=1332939369059.876444892.492883150" }, { "trust": 0.3, "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_oracle_java" }, { "trust": 0.3, "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_oracle_java1" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675356" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675361" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21674752" }, { "trust": 0.3, "url": "http://downloads.avaya.com/css/p8/documents/100160577" }, { "trust": 0.3, "url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-019/index.html" }, { "trust": 0.3, "url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03231290\u0026ac.admitted=1332967060052.876444892.199480143" }, { "trust": 0.3, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03824583" }, { "trust": 0.3, "url": "http://h20566.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?javax.portlet.endcachetok=com.vignette.cachetoken\u0026javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalsta" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650482" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21654075" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21654242" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21651284" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672144" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21646446" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21626697" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2011-4610.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2011-5063.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2011-2526.html" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-5063" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4610" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2011-5064.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2011-1184.html" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-5064" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2011-5062.html" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-5062" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2204" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0033" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2902" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3718" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3190" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0580" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2693" }, { "trust": 0.2, "url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.2, "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0781" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2227" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2008-5515" }, { "trust": 0.2, "url": "https://www.hp.com/go/swa" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0783" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0013" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1157" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2729" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3375" }, { "trust": 0.2, "url": "https://access.redhat.com/kb/docs/doc-11259" }, { "trust": 0.2, "url": "https://access.redhat.com/security/team/key/#package" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/399.html" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2012:0475" }, { "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2011-4084" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://usn.ubuntu.com/1359-1/" }, { "trust": 0.1, "url": "https://www.exploit-db.com/exploits/2012/" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=24901" }, { "trust": 0.1, "url": "https://h20392.www2.hp.com/portal" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3548" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4476" }, { "trust": 0.1, "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5885" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47643" }, { "trust": 0.1, "url": "http://secunia.com/company/jobs/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/47643/#comments" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/47643/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0783" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0033" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0781" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2729" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2902" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5062" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0534" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1183" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3718" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1475" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0534" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0013" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5063" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1582" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4172" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5064" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4312" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1475" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1088" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0580" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2901" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2526" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1183" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1184" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2204" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0022" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2693" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1157" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4172" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1088" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2481" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4312" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4858" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2227" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2481" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5515" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2901" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3190" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1419" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3375" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-201206-24.xml" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1582" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1419" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-4573.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0052.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0062" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0052" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4573" }, { "trust": 0.1, "url": "https://docs.redhat.com/docs/en-us/index.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3206.html" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=em\u0026version=2.4.2" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3206" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0062.html" }, { "trust": 0.1, "url": "https://rhn.redhat.com/errata/rhsa-2012-0475.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.1, "url": "http://tomcat.apache.org/security-6.html" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=5.1.2" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4885" }, { "trust": 0.1, "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-7243" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=brms\u0026downloadtype=securitypatches\u0026version=5.2.0" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=soaplatform\u0026downloadtype=securitypatches\u0026version=5.2.0+ga" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=jbportal\u0026downloadtype=securitypatches\u0026version=5.2.0" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/tomcat6/6.0.24-2ubuntu1.10" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/tomcat6/6.0.28-10ubuntu2.3" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/tomcat6/6.0.28-2ubuntu1.6" }, { "trust": 0.1, "url": "http://www.ubuntu.com/usn/usn-1359-1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/tomcat6/6.0.32-5ubuntu1.2" } ], "sources": [ { "db": "CERT/CC", "id": "VU#903934" }, { "db": "VULMON", "id": "CVE-2011-4858" }, { "db": "BID", "id": "51200" }, { "db": "JVNDB", "id": "JVNDB-2012-001003" }, { "db": "PACKETSTORM", "id": "121037" }, { "db": "PACKETSTORM", "id": "108860" }, { "db": "PACKETSTORM", "id": "114139" }, { "db": "PACKETSTORM", "id": "109328" }, { "db": "PACKETSTORM", "id": "111783" }, { "db": "PACKETSTORM", "id": "109271" }, { "db": "PACKETSTORM", "id": "109542" }, { "db": "PACKETSTORM", "id": "110084" }, { "db": "PACKETSTORM", "id": "109272" }, { "db": "PACKETSTORM", "id": "109724" }, { "db": "CNNVD", "id": "CNNVD-201201-056" }, { "db": "NVD", "id": "CVE-2011-4858" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#903934" }, { "db": "VULMON", "id": "CVE-2011-4858" }, { "db": "BID", "id": "51200" }, { "db": "JVNDB", "id": "JVNDB-2012-001003" }, { "db": "PACKETSTORM", "id": "121037" }, { "db": "PACKETSTORM", "id": "108860" }, { "db": "PACKETSTORM", "id": "114139" }, { "db": "PACKETSTORM", "id": "109328" }, { "db": "PACKETSTORM", "id": "111783" }, { "db": "PACKETSTORM", "id": "109271" }, { "db": "PACKETSTORM", "id": "109542" }, { "db": "PACKETSTORM", "id": "110084" }, { "db": "PACKETSTORM", "id": "109272" }, { "db": "PACKETSTORM", "id": "109724" }, { "db": "CNNVD", "id": "CNNVD-201201-056" }, { "db": "NVD", "id": "CVE-2011-4858" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-12-28T00:00:00", "db": "CERT/CC", "id": "VU#903934" }, { "date": "2012-01-05T00:00:00", "db": "VULMON", "id": "CVE-2011-4858" }, { "date": "2011-12-29T00:00:00", "db": "BID", "id": "51200" }, { "date": "2012-01-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-001003" }, { "date": "2013-04-01T15:55:00", "db": "PACKETSTORM", "id": "121037" }, { "date": "2012-01-20T08:20:03", "db": "PACKETSTORM", "id": "108860" }, { "date": "2012-06-24T23:54:31", "db": "PACKETSTORM", "id": "114139" }, { "date": "2012-02-02T01:22:48", "db": "PACKETSTORM", "id": "109328" }, { "date": "2012-04-12T03:14:12", "db": "PACKETSTORM", "id": "111783" }, { "date": "2012-02-01T02:54:44", "db": "PACKETSTORM", "id": "109271" }, { "date": "2012-02-08T16:07:24", "db": "PACKETSTORM", "id": "109542" }, { "date": "2012-02-23T04:44:48", "db": "PACKETSTORM", "id": "110084" }, { "date": "2012-02-01T02:55:02", "db": "PACKETSTORM", "id": "109272" }, { "date": "2012-02-13T21:10:42", "db": "PACKETSTORM", "id": "109724" }, { "date": "2012-01-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201201-056" }, { "date": "2012-01-05T19:55:01.033000", "db": "NVD", "id": "CVE-2011-4858" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-02-15T00:00:00", "db": "CERT/CC", "id": "VU#903934" }, { "date": "2018-01-09T00:00:00", "db": "VULMON", "id": "CVE-2011-4858" }, { "date": "2017-05-23T16:26:00", "db": "BID", "id": "51200" }, { "date": "2013-03-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-001003" }, { "date": "2012-01-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201201-056" }, { "date": "2023-11-07T02:09:38.600000", "db": "NVD", "id": "CVE-2011-4858" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "111783" }, { "db": "PACKETSTORM", "id": "109271" }, { "db": "PACKETSTORM", "id": "110084" }, { "db": "PACKETSTORM", "id": "109272" }, { "db": "PACKETSTORM", "id": "109724" }, { "db": "CNNVD", "id": "CNNVD-201201-056" } ], "trust": 1.1 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Hash table implementations vulnerable to algorithmic complexity attacks", "sources": [ { "db": "CERT/CC", "id": "VU#903934" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201201-056" } ], "trust": 0.6 } }
var-201405-0502
Vulnerability from variot
CookieInterceptor in Apache Struts 2.x before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and modify session state via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0113. This vulnerability CVE-2014-0113 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The " operation " And the session state may change. Apache Struts is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Apache Struts versions 2.0.0 through 2.3.16.2 are vulnerable
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201405-0502", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.15.2" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.7" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.15.1" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.4" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.15.3" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.8" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.3" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.16.2" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.16.1" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.4.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.6" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.8.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.5" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.12" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.14" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.14.2" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.2.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.9" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.15" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.11" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.7" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.5" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.4" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.1.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.0" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.2.1.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.2.3" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.11.2" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.14" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.2.3.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.11.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.10" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.4" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.3" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.8" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.14.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.8" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.2" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.2" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.13" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.16" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.0" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.6" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.14.3" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.12" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.3" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.1.2" }, { "model": "webotx portal", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v9.1" }, { "model": "infocage", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "security risk management v1.0.0 to v2.1.3" }, { "model": "serverview", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "resource orchestrator" }, { "model": "interstage service integrator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "struts", "scope": "eq", "trust": 0.8, "vendor": "apache", "version": "2.3.16.3" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "web edition v5.1 to v5.2" }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage apworks", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "connections", "scope": "eq", "trust": 0.8, "vendor": "ibm", "version": "4.5" }, { "model": "systemwalker software configuration manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "infocage", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "pc security" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v7.1" }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "analytics server" }, { "model": "interstage application framework suite", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application development cycle manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "struts", "scope": "lt", "trust": 0.8, "vendor": "apache", "version": "2.x" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "rfid manager lite v2.0" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business analytics modeling server" }, { "model": "mysql", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "enterprise monitor 3.0.10 and earlier" }, { "model": "webotx portal", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v8.3 to v8.4" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "web edition v6.1 to v6.5" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterprise edition v6.1 to v6.5" }, { "model": "systemwalker service catalog manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "esmpro/servermanager", "scope": "lte", "trust": 0.8, "vendor": "nec", "version": "ver5.75 and earlier" }, { "model": "cloud infrastructure management software", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "st ard-j edition v5.1 to v5.2" }, { "model": "connections", "scope": "eq", "trust": 0.8, "vendor": "ibm", "version": "4.0" }, { "model": "mysql", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "enterprise monitor 2.3.16 and earlier" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business process manager analytics" }, { "model": "integrated system ha database ready", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "triole", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "cloud middle set b set" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "rfid manager st ard v2.0" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "st ard-j edition v6.1 to v6.5" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "st ard edition v6.1 to v6.5" }, { "model": "connections", "scope": "lte", "trust": 0.8, "vendor": "ibm", "version": "3.0.1.1 and earlier" }, { "model": "interstage studio", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "rfid manager enterprise v7.1" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "extreme transaction processing server" }, { "model": "interstage business application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "connections", "scope": "eq", "trust": 0.8, "vendor": "ibm", "version": "5.0" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "st ard edition v5.1 to v5.2" }, { "model": "webotx developer", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "\"v8.2 to v8.4 (with developers studio only )\"" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "mobile manager" }, { "model": "systemwalker service quality coordinator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "server" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterprise edition v5.1 to v5.2" }, { "model": "webotx developer", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "\"v9.1 to v9.2 (with developers studio only )\"" }, { "model": "interstage job workload server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.11" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.7" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.8" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.4" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.6" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.5" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.14" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.9" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.8" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.8.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.4" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.5" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.12" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.6" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.13" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.10" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2" } ], "sources": [ { "db": "BID", "id": "67218" }, { "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "db": "NVD", "id": "CVE-2014-0116" }, { "db": "CNNVD", "id": "CNNVD-201405-150" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.2.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.2.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-0116" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Zubair Ashraf of IBM X-Force", "sources": [ { "db": "BID", "id": "67218" } ], "trust": 0.3 }, "cve": "CVE-2014-0116", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 4.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.8, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2014-0116", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2014-0116", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201405-150", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2014-0116", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0116" }, { "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "db": "NVD", "id": "CVE-2014-0116" }, { "db": "CNNVD", "id": "CNNVD-201405-150" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "CookieInterceptor in Apache Struts 2.x before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to \"manipulate\" the ClassLoader and modify session state via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0113. This vulnerability CVE-2014-0113 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The \" operation \" And the session state may change. Apache Struts is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. \nApache Struts versions 2.0.0 through 2.3.16.2 are vulnerable", "sources": [ { "db": "NVD", "id": "CVE-2014-0116" }, { "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "db": "BID", "id": "67218" }, { "db": "VULMON", "id": "CVE-2014-0116" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-0116", "trust": 2.8 }, { "db": "BID", "id": "67218", "trust": 2.0 }, { "db": "SECUNIA", "id": "59816", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2014-002411", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201405-150", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2014-0116", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0116" }, { "db": "BID", "id": "67218" }, { "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "db": "NVD", "id": "CVE-2014-0116" }, { "db": "CNNVD", "id": "CNNVD-201405-150" } ] }, "id": "VAR-201405-0502", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.1875 }, "last_update_date": "2023-12-18T12:38:15.993000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "1680848", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680848" }, { "title": "1681190", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681190" }, { "title": "NV15-001", "trust": 0.8, "url": "http://jpn.nec.com/security-info/secinfo/nv15-001.html" }, { "title": "Oracle Critical Patch Update Advisory - April 2015", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "title": "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html" }, { "title": "Bug 1094558", "trust": 0.8, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094558" }, { "title": "Huawei-SA-20140707-01-Struts2", "trust": 0.8, "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm" }, { "title": "April 2015 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update" }, { "title": "S2-022", "trust": 0.8, "url": "http://struts.apache.org/release/2.3.x/docs/s2-022.html" }, { "title": "CVE-2014-0094 \u4ed6 \u306b\u95a2\u3059\u308b\u5f71\u97ff", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/vulnerabilities/cve2014-0094-0114.html" }, { "title": "Symfoware Server\uff08Open\u30a4\u30f3\u30bf\u30d5\u30a7\u30fc\u30b9\uff09: Struts\u306e\u8106\u5f31\u6027(CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116) (2014\u5e746\u67082\u65e5)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html" }, { "title": "FUJITSU Integrated System HA Database Ready: Struts2\u306e\u8106\u5f31\u6027(CVE-2014-0094,CVE-2014-0112,CVE-2014-0113,CVE-2014-0116) (2014\u5e746\u670819\u65e5)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/ha_db_ready_201401.html" }, { "title": "Red Hat: CVE-2014-0116", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0116" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - April 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585" }, { "title": "-maven-security-versions", "trust": 0.1, "url": "https://github.com/nagauker/-maven-security-versions " }, { "title": "maven-security-versions-Travis", "trust": 0.1, "url": "https://github.com/klee94/maven-security-versions-travis " }, { "title": "maven-security-versions", "trust": 0.1, "url": "https://github.com/victims/maven-security-versions " }, { "title": "victims", "trust": 0.1, "url": "https://github.com/tmpgit3000/victims " }, { "title": "victims", "trust": 0.1, "url": "https://github.com/alexsh88/victims " } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0116" }, { "db": "JVNDB", "id": "JVNDB-2014-002411" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "db": "NVD", "id": "CVE-2014-0116" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "http://struts.apache.org/release/2.3.x/docs/s2-022.html" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/67218" }, { "trust": 1.7, "url": "http://secunia.com/advisories/59816" }, { "trust": 1.7, "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm" }, { "trust": 1.7, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0116" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0116" }, { "trust": 0.3, "url": "http://struts.apache.org/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/264.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34163" }, { "trust": 0.1, "url": "https://github.com/victims/maven-security-versions" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0116" }, { "db": "BID", "id": "67218" }, { "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "db": "NVD", "id": "CVE-2014-0116" }, { "db": "CNNVD", "id": "CNNVD-201405-150" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2014-0116" }, { "db": "BID", "id": "67218" }, { "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "db": "NVD", "id": "CVE-2014-0116" }, { "db": "CNNVD", "id": "CNNVD-201405-150" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-05-08T00:00:00", "db": "VULMON", "id": "CVE-2014-0116" }, { "date": "2014-05-06T00:00:00", "db": "BID", "id": "67218" }, { "date": "2014-05-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "date": "2014-05-08T10:55:02.967000", "db": "NVD", "id": "CVE-2014-0116" }, { "date": "2014-05-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201405-150" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-12T00:00:00", "db": "VULMON", "id": "CVE-2014-0116" }, { "date": "2015-04-16T18:14:00", "db": "BID", "id": "67218" }, { "date": "2016-08-02T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "date": "2019-08-12T21:15:12.703000", "db": "NVD", "id": "CVE-2014-0116" }, { "date": "2019-08-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201405-150" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201405-150" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache Struts of CookieInterceptor In ClassLoader Vulnerability manipulated", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-002411" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control issues", "sources": [ { "db": "CNNVD", "id": "CNNVD-201405-150" } ], "trust": 0.6 } }
var-201412-0271
Vulnerability from variot
The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself. The problem is CVE-2014-3566 ( alias POODLE) Similar problem. TLS is a new protocol developed by the IETF (Engineering Task Force). It is based on the SSL protocol specification and is the subsequent version of SSL. The Secure Transport Layer Protocol (TLS) is used to provide confidentiality and data integrity between two communication applications.
TLS has security vulnerabilities that mainly affect browsers. Because TLS1.2 failed to correctly verify PADDING, even if the attacker did not first downgrade to SSL3.0, he could use TLS1.2 to bypass the transport layer encryption mechanism by using man-in-the-middle attack methods to steal the user's sensitive information, such as cookies , Account information, etc. Note: This issue was previously titled 'OpenSSL CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability'. The title and technical details have been changed to better reflect the underlying component affected. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. F5 BIG-IP LTM, etc. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. The following products and versions are affected: F5 BIG-IP LTM, APM, ASM version 10.0.0 to 10.2.4 and 11.0.0 to 11.5.1, AAM version 11.4.0 to 11.5.1, AFM 11.3. 0 to 11.5.1, Analytics 11.0.0 to 11.5.1, Edge Gateway, WebAccelerator, WOM 10.1.0 to 10.2.4 and 11.0.0 to 11.3.0, PEM 11.3.0 to 11.6.0, PSM 10.0.0 to 10.2.4 and 11.0.0 to 11.4.1, BIG-IQ Cloud, Security 4.0.0 to 4.4.0, Device 4.2.0 to 4.4 .0 version. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04819635
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04819635 Version: 1
HPSBPV03516 rev.1 - HP VAN SDN Controller, Multiple Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-09-29 Last Updated: 2015-09-29
Potential Security Impact: Disclosure of Privileged Information, Remote Disclosure of Privileged Information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with the HP VAN SDN Controller running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely resulting in disclosure of privileged information.
References:
CVE-2014-8730 SSRT102263
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
VAN SDN Controller 2.5.21 VAN SDN Controller 2.5.15
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-8730 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends disabling TLS v1.0 by deleting its entry in sslEnabledProtocols in the client Auth properties of the /opt/sdn/virgo/configuration/tomcat-server.xml file.
Open the /opt/sdn/virgo/configuration/tomcat-server.xml file for editing Change the following line from this: clientAuth="false" sslEnabledProtocols="TLSv1.0, TLSv1.1,TLSv1.2" to this: clientAuth="false" sslEnabledProtocols=" TLSv1.1,TLSv1.2" Restart the controller.
HISTORY Version:1 (rev.1) - 29 September 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlYKlgkACgkQ4B86/C0qfVmdggCg40wxxeG+Op+gBFzLBG9neKCo bW4AnjzTddq/rpaQfITkTvhg7DUpT9f5 =Px26 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201412-0271", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.0.1" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-iq device", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.4.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-iq device", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.3.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-iq device", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.0.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.1" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.6.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.4.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.1.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.1" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.1" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.6.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.4.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.3.0" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.2.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.1" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.3.0" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.1.0" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.1" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.0.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.1.0 to 10.2.4" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.5.1" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.3.0 to 11.5.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.5.1" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.4.0 to 11.5.1" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.5.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.1.0 to 10.2.4" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.3.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.5.1" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.3.0 to 11.6.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.4.1" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.3.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.3.0" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "4.0.0 to 4.4.0" }, { "model": "big-iq device", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "4.2.0 to 4.4.0" }, { "model": "big-iq security", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "4.0.0 to 4.4.0" }, { "model": "internet navigware e-learning pack", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "internet navigware enterprise lms server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage apworks", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage business application manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage studio", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage web server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage web server express", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "safeauthor", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "serverview", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "resource orchestrator cloud edition" }, { "model": "systemwalker centric manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker desktop inspection", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker desktop keeper", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker desktop patrol", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker it change manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker operation manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker runbook automation", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker security control", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker service catalog manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker software configuration manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "cloud infrastructure management software", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "tls", "scope": "eq", "trust": 0.6, "vendor": "f5", "version": "1.2" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "6.1.1" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "6.1" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "6.0.7" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "6.0.6" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.15" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.14" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.5" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.2" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.4" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.3" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.0" }, { "model": "sa700", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa6500", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa6000", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa4500", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa4000", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa2500", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa2000", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "mag6611", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "mag6610", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "mag4610", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "mag2600", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "txseries for multiplatforms", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2" }, { "model": "txseries for multiplatforms", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.1" }, { "model": "txseries for multiplatforms", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.3" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.2" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.1" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.5" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.4" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.3" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.2" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.1" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2.1" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.4" }, { "model": "tivoli system automation for multiplatforms", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.2.2.6" }, { "model": "tivoli service request manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "tivoli service request manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "tivoli monitoring for virtual environments", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "tivoli monitoring", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.31" }, { "model": "tivoli monitoring", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3.0" }, { "model": "tivoli endpoint manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "tivoli endpoint manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.0" }, { "model": "tivoli directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3" }, { "model": "tivoli directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.2" }, { "model": "tivoli directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "tivoli directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "tivoli asset management for it", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "tivoli asset management for it", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "tivoli access manager for e-business", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.1" }, { "model": "tivoli access manager for e-business", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "tivoli access manager for e-business", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "spss modeler", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "16.0" }, { "model": "smartcloud provisioning for software virtual appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.13" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.12" }, { "model": "smartcloud provisioning ifix2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3.01" }, { "model": "smartcloud provisioning ifix6", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3.0.1" }, { "model": "smartcloud provisioning ifix1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3.0.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3.0.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.5" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.4" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2" }, { "model": "smartcloud orchestrator fp1 ifix6", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator fp1 ifix5", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator fp1 ifix4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator fp1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator fp1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "smartcloud orchestrator", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "smartcloud cost management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.3" }, { "model": "smartcloud cost management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.2" }, { "model": "smartcloud control desk", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "security directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3.1" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.02" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.5" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.4" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.2" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.1" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0" }, { "model": "security access manager for mobile", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.5" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.41" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.4" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.38" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.37" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.35" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.34" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.33" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.32" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.31" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.3" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.211" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.210" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.18" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.17" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.16" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.4.6" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.4.3" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.3.6" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.3.10" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.9" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.8" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.7" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.6" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.5" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.4" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.3" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.2" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.13" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.12" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.1" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.9" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.5" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.4" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.3" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.2" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.1" }, { "model": "rational doors web access", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.61" }, { "model": "rational doors web access", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.21" }, { "model": "rational doors web access", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.12" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.11" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.1" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.51" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.41" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.37" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.36" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.35" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.34" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.33" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.32" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.31" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.6.1.0" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.6.0.1" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.6" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.2.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.2.1" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.1.3" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.0.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.4.0.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.4" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.3.0.8" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.13" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.010" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.213" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.211" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.18" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.6" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.5" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.4" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.9" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.8" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.7" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.5" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.4" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.3" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.13" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.12" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.11" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.06" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.9" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.8" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.7" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.6" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.5" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.4" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.3" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.16" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.15" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.14" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.12" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.10" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.9" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.7" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.6" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.5" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.4" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.3" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "pureapplication system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "pureapplication system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0" }, { "model": "pureapplication system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1" }, { "model": "maximo for utilities", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for utilities", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for transportation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for transportation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for oil and gas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for oil and gas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for nuclear power", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for nuclear power", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for life sciences", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for life sciences", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for government", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for government", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo asset management essentials", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo asset management essentials", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.6" }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.2" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.5" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.122" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.121" }, { "model": "domino fp if4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.36" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.365" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.242" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.152" }, { "model": "domino if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.06" }, { "model": "db2 enterprise server edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "data server runtime client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "data server runtime client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "data server runtime client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.5" }, { "model": "data server runtime client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "data server driver package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "data server driver package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "data server driver package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.5" }, { "model": "data server driver package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "data server driver for odbc and cli", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "data server driver for odbc and cli", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "data server driver for odbc and cli", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.5" }, { "model": "data server driver for odbc and cli", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "data server client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "data server client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "data server client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.5" }, { "model": "data server client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "cloud manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2" }, { "model": "cloud manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2.0.1" }, { "model": "change and configuration management database", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "change and configuration management database", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "business process manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "business process manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "api management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0" }, { "model": "api management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.2.2" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.9" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.8" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.7" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.3" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.2" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.1" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.7.7" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.17" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.15" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.10" }, { "model": "fortios b0630", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.8" }, { "model": "fortios b0537", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.8" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.8" }, { "model": "fortios beta", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "3.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "3.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.80" }, { "model": "fortios mr5", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.50" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.50" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.36" }, { "model": "fortios mr10", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.8" }, { "model": "fortios 0mr4", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.5" }, { "model": "fortios build", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.2.0589" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.2.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.6" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.5" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.4" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.0" }, { "model": "fortios b064", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.18" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.16" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.14" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.13" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.12" }, { "model": "fortios mr2", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "3.0" }, { "model": "fortios mr1", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "3.0" }, { "model": "fortios mr12", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.80" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.1" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.0" }, { "model": "big-iq device", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "big-iq device", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "big-iq device", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "big-iq device", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.1" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.0" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.00" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip wan optimization module", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip wan optimization module", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip wan optimization module", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip ltm hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.1" }, { "model": "big-ip edge gateway hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.00" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0.00" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.40" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0.00" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0.39.0" }, { "model": "ace application control engine module", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "adaptive security appliance software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "point software secureplatform os r77.20", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r77.10", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r77", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r76", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.47", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.46", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.45", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.40vs", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.40", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.30", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.20", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.10", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r77.20", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r77.10", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r77", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r76", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.47", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.46", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.45", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.40vs", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.40", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.30", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.20", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.10", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software check point ipso", "scope": "eq", "trust": 0.3, "vendor": "check", "version": "6.2" }, { "model": "networks adc 2.7.2-p3", "scope": null, "trust": 0.3, "vendor": "a10", "version": null }, { "model": "networks adc 2.7.1-p5", "scope": null, "trust": 0.3, "vendor": "a10", "version": null }, { "model": "networks adc 2.7.0-p6", "scope": null, "trust": 0.3, "vendor": "a10", "version": null }, { "model": "networks adc 2.6.1-gr1", "scope": null, "trust": 0.3, "vendor": "a10", "version": null }, { "model": "smartcloud provisioning ifix", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "2.3.0.17" }, { "model": "smartcloud orchestrator fp1 ifix7", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.6.1.1" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.6.0.2" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.5.2.3" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.5.1.4" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.5.0.3" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.4.0.3" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.3.0.9" }, { "model": "fortios", "scope": "ne", "trust": 0.3, "vendor": "fortinet", "version": "5.2.3" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "BID", "id": "71549" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "NVD", "id": "CVE-2014-8730" }, { "db": "CNNVD", "id": "CNNVD-201412-189" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-8730" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adam Langley", "sources": [ { "db": "BID", "id": "71549" } ], "trust": 0.3 }, "cve": "CVE-2014-8730", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 4.3, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2014-8730", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CNVD-2014-08824", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-76675", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2014-8730", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2014-08824", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201412-189", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-76675", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "NVD", "id": "CVE-2014-8730" }, { "db": "CNNVD", "id": "CNNVD-201412-189" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself. The problem is CVE-2014-3566 ( alias POODLE) Similar problem. TLS is a new protocol developed by the IETF (Engineering Task Force). It is based on the SSL protocol specification and is the subsequent version of SSL. The Secure Transport Layer Protocol (TLS) is used to provide confidentiality and data integrity between two communication applications. \r\n\r\n\r\nTLS has security vulnerabilities that mainly affect browsers. Because TLS1.2 failed to correctly verify PADDING, even if the attacker did not first downgrade to SSL3.0, he could use TLS1.2 to bypass the transport layer encryption mechanism by using man-in-the-middle attack methods to steal the user\u0027s sensitive information, such as cookies , Account information, etc. \nNote: This issue was previously titled \u0027OpenSSL CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability\u0027. The title and technical details have been changed to better reflect the underlying component affected. \nAn attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. F5 BIG-IP LTM, etc. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. The following products and versions are affected: F5 BIG-IP LTM, APM, ASM version 10.0.0 to 10.2.4 and 11.0.0 to 11.5.1, AAM version 11.4.0 to 11.5.1, AFM 11.3. 0 to 11.5.1, Analytics 11.0.0 to 11.5.1, Edge Gateway, WebAccelerator, WOM 10.1.0 to 10.2.4 and 11.0.0 to 11.3.0, PEM 11.3.0 to 11.6.0, PSM 10.0.0 to 10.2.4 and 11.0.0 to 11.4.1, BIG-IQ Cloud, Security 4.0.0 to 4.4.0, Device 4.2.0 to 4.4 .0 version. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04819635\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04819635\nVersion: 1\n\nHPSBPV03516 rev.1 - HP VAN SDN Controller, Multiple Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-09-29\nLast Updated: 2015-09-29\n\nPotential Security Impact: Disclosure of Privileged Information, Remote\nDisclosure of Privileged Information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with the HP VAN SDN\nController running SSLv3. This is the SSLv3 vulnerability known as \"Padding\nOracle on Downgraded Legacy Encryption\" also known as \"Poodle\", which could\nbe exploited remotely resulting in disclosure of privileged information. \n\nReferences:\n\nCVE-2014-8730\nSSRT102263\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nVAN SDN Controller 2.5.21\nVAN SDN Controller 2.5.15\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-8730 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP recommends disabling TLS v1.0 by deleting its entry in sslEnabledProtocols\nin the client Auth properties of the\n/opt/sdn/virgo/configuration/tomcat-server.xml file. \n\nOpen the /opt/sdn/virgo/configuration/tomcat-server.xml file for editing\nChange the following line from this: clientAuth=\"false\"\nsslEnabledProtocols=\"TLSv1.0, TLSv1.1,TLSv1.2\" to this: clientAuth=\"false\"\nsslEnabledProtocols=\" TLSv1.1,TLSv1.2\"\nRestart the controller. \n\nHISTORY\nVersion:1 (rev.1) - 29 September 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlYKlgkACgkQ4B86/C0qfVmdggCg40wxxeG+Op+gBFzLBG9neKCo\nbW4AnjzTddq/rpaQfITkTvhg7DUpT9f5\n=Px26\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2014-8730" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "BID", "id": "71549" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "PACKETSTORM", "id": "133815" }, { "db": "PACKETSTORM", "id": "139063" } ], "trust": 2.7 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-76675", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-76675" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-8730", "trust": 3.6 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2014/12/09/27", "trust": 1.7 }, { "db": "SECUNIA", "id": "62167", "trust": 1.1 }, { "db": "SECUNIA", "id": "62388", "trust": 1.1 }, { "db": "SECUNIA", "id": "62224", "trust": 1.1 }, { "db": "BID", "id": "71549", "trust": 1.0 }, { "db": "JVNDB", "id": "JVNDB-2014-005869", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201412-189", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2014-08824", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "133815", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-76675", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "139063", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "BID", "id": "71549" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "PACKETSTORM", "id": "133815" }, { "db": "PACKETSTORM", "id": "139063" }, { "db": "NVD", "id": "CVE-2014-8730" }, { "db": "CNNVD", "id": "CNNVD-201412-189" } ] }, "id": "VAR-201412-0271", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-76675" } ], "trust": 0.51413815875 }, "last_update_date": "2023-12-18T10:53:27.101000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "CVE-2014-8730 Padding issue", "trust": 0.8, "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151" }, { "title": "sol15882: TLS1.x padding vulnerability CVE-2014-8730", "trust": 0.8, "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html" }, { "title": "Interstage\u3084Systemwalker\u95a2\u9023\u88fd\u54c1\uff1aTLS1.0\u5b9f\u88c5\u306b\u304a\u3051\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8106\u5f31\u6027\u306e\u554f\u984c", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_systemwalker_tls_201501.html" }, { "title": "Patch for TLS fills man-in-the-middle attack vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/52704" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-310", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-76675" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "NVD", "id": "CVE-2014-8730" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html" }, { "trust": 2.6, "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html" }, { "trust": 2.0, "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2014/12/09/27" }, { "trust": 1.4, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8730" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495" }, { "trust": 1.1, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04819635" }, { "trust": 1.1, "url": "https://support.lenovo.com/product_security/poodle" }, { "trust": 1.1, "url": "https://support.lenovo.com/us/en/product_security/poodle" }, { "trust": 1.1, "url": "http://secunia.com/advisories/62167" }, { "trust": 1.1, "url": "http://secunia.com/advisories/62224" }, { "trust": 1.1, "url": "http://secunia.com/advisories/62388" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=144372772101168\u0026w=2" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8730" }, { "trust": 0.3, "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk103683" }, { "trust": 0.3, "url": "http://www.fortiguard.com/advisory/cve-2014-8730--poodle-for-tls--vulnerability/" }, { "trust": 0.3, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=36740" }, { "trust": 0.3, "url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-8730" }, { "trust": 0.3, "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=tsb16579" }, { "trust": 0.3, "url": "https://securityadvisories.paloaltonetworks.com/home/detail/28?aspxautodetectcookiesupport=1" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695127" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698837" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685985" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699160" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021903" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693877" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693142" }, { "trust": 0.3, "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21692502" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960375" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693290" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693623" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700209" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692934" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693285" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692618" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692802" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693330" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698986" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961009" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8730" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=144372772101168\u0026amp;w=2" }, { "trust": 0.1, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.1, "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/" }, { "trust": 0.1, "url": "http://www.hpe.com/support/security_bulletin_archive" }, { "trust": 0.1, "url": "https://www.hpe.com/info/report-security-vulnerability" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04819635" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499" }, { "trust": 0.1, "url": "http://www.hpe.com/support/subscriber_choice" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "BID", "id": "71549" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "PACKETSTORM", "id": "133815" }, { "db": "PACKETSTORM", "id": "139063" }, { "db": "NVD", "id": "CVE-2014-8730" }, { "db": "CNNVD", "id": "CNNVD-201412-189" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "BID", "id": "71549" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "PACKETSTORM", "id": "133815" }, { "db": "PACKETSTORM", "id": "139063" }, { "db": "NVD", "id": "CVE-2014-8730" }, { "db": "CNNVD", "id": "CNNVD-201412-189" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-12-11T00:00:00", "db": "CNVD", "id": "CNVD-2014-08824" }, { "date": "2014-12-10T00:00:00", "db": "VULHUB", "id": "VHN-76675" }, { "date": "2014-12-08T00:00:00", "db": "BID", "id": "71549" }, { "date": "2014-12-11T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "date": "2015-10-02T23:43:22", "db": "PACKETSTORM", "id": "133815" }, { "date": "2016-10-12T04:50:49", "db": "PACKETSTORM", "id": "139063" }, { "date": "2014-12-10T00:59:01.293000", "db": "NVD", "id": "CVE-2014-8730" }, { "date": "2014-12-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201412-189" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-02-21T00:00:00", "db": "CNVD", "id": "CNVD-2014-08824" }, { "date": "2017-01-03T00:00:00", "db": "VULHUB", "id": "VHN-76675" }, { "date": "2016-10-26T11:05:00", "db": "BID", "id": "71549" }, { "date": "2015-03-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "date": "2017-01-03T02:59:21.893000", "db": "NVD", "id": "CVE-2014-8730" }, { "date": "2014-12-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201412-189" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201412-189" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural F5 Product SSL Vulnerability in obtaining clear text data in profile component", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-005869" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "encryption problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-201412-189" } ], "trust": 0.6 } }
var-201404-0286
Vulnerability from variot
ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated. NTT-CERT reported this vulnerability to IPA. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Summary:
A minor version update (from 7.2 to 7.3) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description:
This release of Red Hat Fuse 7.3 serves as a replacement for Red Hat Fuse 7.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
-
jackson-databind: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)
-
struts2: ClassLoader manipulation via request parameters (CVE-2014-0112)
-
jetty: HTTP request smuggling (CVE-2017-7657)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Solution:
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.3.0 product documentation page: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/
- Bugs fixed (https://bugzilla.redhat.com/):
1091939 - CVE-2014-0112 struts2: ClassLoader manipulation via request parameters 1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper 1595620 - CVE-2017-7657 jetty: HTTP request smuggling
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2014-0007 Synopsis: VMware product updates address security vulnerabilities in Apache Struts library Issue date: 2014-06-24 Updated on: 2014-06-24 (Initial Advisory) CVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112
-
Summary
VMware product updates address security vulnerabilities in Apache Struts library
-
Relevant releases
VMware vCenter Operations Management Suite prior to 5.8.2
-
Problem Description
a. The Apache Struts library is updated to version 2.3.16.2 to address multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0050, CVE-2014-0094, and
CVE-2014-0112 to these issues.
CVE-2014-0112 may lead to remote code execution. This issue was
found to be only partially addressed in CVE-2014-0094.
CVE-2014-0050 may lead to a denial of service condition.
vCenter Operations Management Suite (vCOps) is affected by both
CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112
may lead to remote code execution without authentication.
vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not
by CVE-2014-0112.
Workaround
A workaround for CVE-2014-0112 is documented in VMware Knowledge Base
article 2081470.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
vCOPS 5.8.x any vCOPS 5.8.2
vCOPS 5.7.x any patch pending *
vCO 5.5 any patch pending
vCO 5.1 any patch pending
vCO 4.2 any patch pending
*Customers are advised to apply the workaround or update to vCOps
5.8.2.
- Solution
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
vCenter Operations Management Suite 5.8.2
Downloads and Documentation: https://www.vmware.com/go/download-vcops
- References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112
http://kb.vmware.com/kb/2081470
- Change log
2014-06-24 VMSA-2014-0007 Initial security advisory in conjunction with the release of vCenter Operations Management Suite 5.8.2 on 2014-06-24.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.3.2 (Build 15337) Charset: utf-8
wj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM CZ5+DYZAydCjMwVgtKqoo7Y= =Vwu5 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201404-0286", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "struts", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.0.0" }, { "model": "struts", "scope": "lt", "trust": 1.0, "vendor": "apache", "version": "2.3.16.2" }, { "model": "struts", "scope": "eq", "trust": 0.8, "vendor": "apache", "version": "2.0.0 to 2.3.16.1" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3 for x86(32bit)" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3 for x86_64(64bit)" }, { "model": "cloud infrastructure management software", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "integrated system ha database ready", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business analytics modeling server" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business process manager analytics" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "extreme transaction processing server" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "mobile manager" }, { "model": "interstage application development cycle manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application framework suite", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage apworks", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage business application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage interaction manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage job workload server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage service integrator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage studio", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "serverview", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "resource orchestrator" }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "analytics server" }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "server" }, { "model": "systemwalker service catalog manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker service quality coordinator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker software configuration manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "triole", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "cloudmiddleset b set" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.8" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.7" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.14.1" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.14" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.4.1" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.14.3" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.16.1" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.15" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.4" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.14.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.8" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.6" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.5" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.14" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.12" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.10" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.9" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.8" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.7" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.6" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.5" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.4" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.4" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.13" } ], "sources": [ { "db": "BID", "id": "67064" }, { "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "db": "CNNVD", "id": "CNNVD-201404-445" }, { "db": "NVD", "id": "CVE-2014-0112" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.16.2", "versionStartIncluding": "2.0.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-0112" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "152687" }, { "db": "CNNVD", "id": "CNNVD-201404-445" } ], "trust": 0.7 }, "cve": "CVE-2014-0112", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "IPA", "availabilityImpact": "Partial", "baseScore": 7.5, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "JVNDB-2014-000045", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2014-0112", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "HIGH", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2014-0112", "trust": 1.0, "value": "HIGH" }, { "author": "IPA", "id": "JVNDB-2014-000045", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-201404-445", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2014-0112", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0112" }, { "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "db": "CNNVD", "id": "CNNVD-201404-445" }, { "db": "NVD", "id": "CVE-2014-0112" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated. NTT-CERT reported this vulnerability to IPA. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Summary:\n\nA minor version update (from 7.2 to 7.3) is now available for Red Hat Fuse. \nThe purpose of this text-only errata is to inform you about the security\nissues fixed in this release. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Description:\n\nThis release of Red Hat Fuse 7.3 serves as a replacement for Red Hat Fuse\n7.2, and includes bug fixes and enhancements, which are documented in the\nRelease Notes document linked to in the References. \n\nSecurity Fix(es):\n\n* jackson-databind: A deserialization flaw was discovered in the\njackson-databind which could allow an unauthenticated user to perform code\nexecution by sending the maliciously crafted input to the readValue method\nof the ObjectMapper. (CVE-2017-7525)\n\n* struts2: ClassLoader manipulation via request parameters (CVE-2014-0112)\n\n* jetty: HTTP request smuggling (CVE-2017-7657)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. Solution:\n\nBefore applying the update, back up your existing installation, including\nall applications, configuration files, databases and database settings, and\nso on. \n\nInstallation instructions are available from the Fuse 7.3.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1091939 - CVE-2014-0112 struts2: ClassLoader manipulation via request parameters\n1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper\n1595620 - CVE-2017-7657 jetty: HTTP request smuggling\n\n5. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2014-0007\nSynopsis: VMware product updates address security vulnerabilities in \n Apache Struts library \nIssue date: 2014-06-24\nUpdated on: 2014-06-24 (Initial Advisory)\nCVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware product updates address security vulnerabilities in Apache \n Struts library\n\n2. Relevant releases\n\n VMware vCenter Operations Management Suite prior to 5.8.2\n\n3. Problem Description\n\n a. The Apache Struts library is updated to version 2.3.16.2 to \n address multiple security issues. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2014-0050, CVE-2014-0094, and\n CVE-2014-0112 to these issues. \n\n CVE-2014-0112 may lead to remote code execution. This issue was \n found to be only partially addressed in CVE-2014-0094. \n\n CVE-2014-0050 may lead to a denial of service condition. \n\n vCenter Operations Management Suite (vCOps) is affected by both \n CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112\n may lead to remote code execution without authentication. \n\n vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not \n by CVE-2014-0112. \n\n Workaround\n\n A workaround for CVE-2014-0112 is documented in VMware Knowledge Base\n article 2081470. \n\n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is \n available. \n\n VMware Product\tRunning\tReplace with/\n Product Version\ton\tApply Patch\n ============= =======\t=======\t=================\n vCOPS\t 5.8.x \tany \tvCOPS 5.8.2\n vCOPS 5.7.x any patch pending *\n\n vCO 5.5 any patch pending\n vCO 5.1 any patch pending\n vCO 4.2 any patch pending\n\n *Customers are advised to apply the workaround or update to vCOps\n5.8.2. \n\n4. Solution\n\n Please review the patch/release notes for your product and version \n and verify the checksum of your downloaded file. \n\n vCenter Operations Management Suite 5.8.2\n -----------------------------------------\n Downloads and Documentation:\n https://www.vmware.com/go/download-vcops\n \n5. References\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112\n\n http://kb.vmware.com/kb/2081470\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n 2014-06-24 VMSA-2014-0007\n Initial security advisory in conjunction with the release of vCenter\n Operations Management Suite 5.8.2 on 2014-06-24. \n\n- ------------------------------------------------------------------------\n\n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: Encryption Desktop 10.3.2 (Build 15337)\nCharset: utf-8\n\nwj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM\nCZ5+DYZAydCjMwVgtKqoo7Y=\n=Vwu5\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2014-0112" }, { "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "db": "BID", "id": "67064" }, { "db": "VULMON", "id": "CVE-2014-0112" }, { "db": "PACKETSTORM", "id": "152687" }, { "db": "PACKETSTORM", "id": "127215" } ], "trust": 2.16 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=33142", "trust": 0.2, "type": "exploit" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0112" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-0112", "trust": 3.0 }, { "db": "JVN", "id": "JVN19294237", "trust": 2.5 }, { "db": "JVNDB", "id": "JVNDB-2014-000045", "trust": 2.5 }, { "db": "BID", "id": "67064", "trust": 2.0 }, { "db": "PACKETSTORM", "id": "127215", "trust": 1.8 }, { "db": "SECUNIA", "id": "59500", "trust": 1.7 }, { "db": "SECUNIA", "id": "59178", "trust": 1.7 }, { "db": "CERT/CC", "id": "VU#719225", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "152687", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2019.1493", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201404-445", "trust": 0.6 }, { "db": "EXPLOITDB", "id": "33142", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2014-0112", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0112" }, { "db": "BID", "id": "67064" }, { "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "db": "PACKETSTORM", "id": "152687" }, { "db": "PACKETSTORM", "id": "127215" }, { "db": "CNNVD", "id": "CNNVD-201404-445" }, { "db": "NVD", "id": "CVE-2014-0112" } ] }, "id": "VAR-201404-0286", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.1875 }, "last_update_date": "2024-04-19T20:14:12.803000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Announcements - 2013 24 April 2014 - Struts up to 2.3.16.1: Zero-Day Exploit Mitigation", "trust": 0.8, "url": "http://struts.apache.org/announce.html#a20140424" }, { "title": "Security Bulletins S2-020", "trust": 0.8, "url": "http://struts.apache.org/release/2.3.x/docs/s2-020.html" }, { "title": "Security Bulletins S2-021", "trust": 0.8, "url": "http://struts.apache.org/release/2.3.x/docs/s2-021.html" }, { "title": "Download a Release of Apache Struts -- Full Releases Struts 2.3.16.2", "trust": 0.8, "url": "http://struts.apache.org/download.cgi#struts23162" }, { "title": "struts-1.2.9-4jpp.8.AXS3 ", "trust": 0.8, "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=3678\u0026stype=\u0026sproduct=\u0026published=1" }, { "title": "Interstage Application Development Cycle Manager(ADM): Apache Struts vulnerable (CVE-2014-0094)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_aplidevcyclemgr_201401.html" }, { "title": "CVE-2014-0094, CVE-2014-0114: Apache Struts vulnerable to ClassLoader manipulation", "trust": 0.8, "url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve2014-0094-0114e.html" }, { "title": "Interstage Business Process Manager Analytics, Systemwalker Service Quality Coordinator: Vulnerability of allowing attackers to \"manipulate\" the ClassLoader (CVE-2014-0094). May 20th, 2014", "trust": 0.8, "url": "http://www.fujitsu.com/global/support/products/software/security/products-f/interstage-bpma201401e.html" }, { "title": "Symfoware Server (Open Interface) : Security vulnerabilities of Struts (CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html" }, { "title": "Interstage Interaction Manager: Struts1 vulnerability (CVE-2014-0094)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_im_201401.html" }, { "title": "Interstage Mobile Manager: Struts1 vulnerability (CVE-2014-0094)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_mm_201401.html" }, { "title": "FUJITSU Integrated System HA Database Ready: Struts2 vulnerabilities (CVE-2014-0094,CVE-2014-0112,CVE-2014-0113,CVE-2014-0116)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/ha_db_ready_201401.html" }, { "title": "1680848", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680848" }, { "title": "1681190", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681190" }, { "title": "2081470", "trust": 0.8, "url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_us\u0026cmd=displaykc\u0026externalid=2081470" }, { "title": "NV15-001", "trust": 0.8, "url": "http://jpn.nec.com/security-info/secinfo/nv15-001.html" }, { "title": "Oracle Critical Patch Update Advisory - April 2015", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "title": "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html" }, { "title": "Bug 1091939", "trust": 0.8, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1091939" }, { "title": "Huawei-SA-20140707-01-Struts2", "trust": 0.8, "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm" }, { "title": "April 2015 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update" }, { "title": "Alert/Advisory: Multiple Vulnerabilities in Apache Struts on Trend Micro Products", "trust": 0.8, "url": "http://esupport.trendmicro.com/solution/ja-jp/1103321.aspx" }, { "title": "VMSA-2014-0007", "trust": 0.8, "url": "http://www.vmware.com/security/advisories/vmsa-2014-0007.html" }, { "title": "Red Hat: Important: Red Hat Fuse 7.3 security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20190910 - security advisory" }, { "title": "Red Hat: CVE-2014-0112", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0112" }, { "title": "VMware Security Advisories: VMware product updates address security vulnerabilities in Apache Struts library", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=3f8f92a767d3e2773247be2d5077cbee" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - April 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585" }, { "title": "strutt-cve-2014-0114", "trust": 0.1, "url": "https://github.com/anob3it/strutt-cve-2014-0114 " }, { "title": "-maven-security-versions", "trust": 0.1, "url": "https://github.com/nagauker/-maven-security-versions " }, { "title": "maven-security-versions-Travis", "trust": 0.1, "url": "https://github.com/klee94/maven-security-versions-travis " }, { "title": "maven-security-versions", "trust": 0.1, "url": "https://github.com/victims/maven-security-versions " }, { "title": "victims", "trust": 0.1, "url": "https://github.com/tmpgit3000/victims " }, { "title": "victims", "trust": 0.1, "url": "https://github.com/alexsh88/victims " }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/vmware-patches-apache-struts-flaws-in-vcops/106858/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0112" }, { "db": "JVNDB", "id": "JVNDB-2014-000045" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.0 }, { "problemtype": "CWE-DesignError", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "db": "NVD", "id": "CVE-2014-0112" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://jvn.jp/en/jp/jvn19294237/index.html" }, { "trust": 2.5, "url": "https://access.redhat.com/errata/rhsa-2019:0910" }, { "trust": 2.4, "url": "http://www.securityfocus.com/bid/67064" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/127215/vmware-security-advisory-2014-0007.html" }, { "trust": 2.3, "url": "http://www.vmware.com/security/advisories/vmsa-2014-0007.html" }, { "trust": 1.7, "url": "http://jvndb.jvn.jp/jvndb/jvndb-2014-000045" }, { "trust": 1.7, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1091939" }, { "trust": 1.7, "url": "https://cwiki.apache.org/confluence/display/ww/s2-021" }, { "trust": 1.7, "url": "http://secunia.com/advisories/59500" }, { "trust": 1.7, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "trust": 1.7, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676706" }, { "trust": 1.7, "url": "http://secunia.com/advisories/59178" }, { "trust": 1.7, "url": "http://www.securityfocus.com/archive/1/532549/100/0/threaded" }, { "trust": 1.7, "url": "http://www.securityfocus.com/archive/1/531952/100/0/threaded" }, { "trust": 0.9, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0094" }, { "trust": 0.9, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0112" }, { "trust": 0.8, "url": "http://www.ipa.go.jp/security/ciadr/vul/20140417-struts.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0094" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0112" }, { "trust": 0.8, "url": "http://www.konakart.com/downloads/ver-7-3-0-0-whats-new/" }, { "trust": 0.8, "url": "http://www.kb.cert.org/vuls/id/719225" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/152687/red-hat-security-advisory-2019-0910-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/80006" }, { "trust": 0.3, "url": "http://struts.apache.org/" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2014-0112" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0112" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/264.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://threatpost.com/vmware-patches-apache-struts-flaws-in-vcops/106858/" }, { "trust": 0.1, "url": "https://www.exploit-db.com/exploits/33142/" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38390" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7657" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/html-single/release_notes/" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2017-7525" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7525" }, { "trust": 0.1, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2017-7657" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.fuse\u0026version=7.3.0" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0050" }, { "trust": 0.1, "url": "https://twitter.com/vmwaresrc" }, { "trust": 0.1, "url": "https://www.vmware.com/support/policies/lifecycle.html" }, { "trust": 0.1, "url": "http://kb.vmware.com/kb/2081470" }, { "trust": 0.1, "url": "http://kb.vmware.com/kb/1055" }, { "trust": 0.1, "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce" }, { "trust": 0.1, "url": "https://www.vmware.com/support/policies/security_response.html" }, { "trust": 0.1, "url": "http://www.vmware.com/security/advisories" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0050" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0094" }, { "trust": 0.1, "url": "https://www.vmware.com/go/download-vcops" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0112" }, { "db": "BID", "id": "67064" }, { "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "db": "PACKETSTORM", "id": "152687" }, { "db": "PACKETSTORM", "id": "127215" }, { "db": "CNNVD", "id": "CNNVD-201404-445" }, { "db": "NVD", "id": "CVE-2014-0112" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2014-0112" }, { "db": "BID", "id": "67064" }, { "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "db": "PACKETSTORM", "id": "152687" }, { "db": "PACKETSTORM", "id": "127215" }, { "db": "CNNVD", "id": "CNNVD-201404-445" }, { "db": "NVD", "id": "CVE-2014-0112" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-04-29T00:00:00", "db": "VULMON", "id": "CVE-2014-0112" }, { "date": "2014-04-24T00:00:00", "db": "BID", "id": "67064" }, { "date": "2014-04-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "date": "2019-04-30T16:20:15", "db": "PACKETSTORM", "id": "152687" }, { "date": "2014-06-25T21:34:12", "db": "PACKETSTORM", "id": "127215" }, { "date": "2014-04-24T00:00:00", "db": "CNNVD", "id": "CNNVD-201404-445" }, { "date": "2014-04-29T10:37:03.670000", "db": "NVD", "id": "CVE-2014-0112" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-12T00:00:00", "db": "VULMON", "id": "CVE-2014-0112" }, { "date": "2015-04-16T18:14:00", "db": "BID", "id": "67064" }, { "date": "2015-05-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "date": "2019-08-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201404-445" }, { "date": "2019-08-12T21:15:12.360000", "db": "NVD", "id": "CVE-2014-0112" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201404-445" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache Struts vulnerable to ClassLoader manipulation", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-000045" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control issues", "sources": [ { "db": "CNNVD", "id": "CNNVD-201404-445" } ], "trust": 0.6 } }
cve-2006-3579
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/18950 | vdb-entry, x_refsource_BID | |
http://secunia.com/advisories/21011 | third-party-advisory, x_refsource_SECUNIA | |
http://software.fujitsu.com/jp/security/vulnerabilities/jvn-73368472-76686161.html | x_refsource_CONFIRM | |
http://jvn.jp/jp/JVN%2373368472/index.html | third-party-advisory, x_refsource_JVN | |
http://www.osvdb.org/27105 | vdb-entry, x_refsource_OSVDB | |
http://jvn.jp/jp/JVN%2376686161/index.html | third-party-advisory, x_refsource_JVN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:30:34.360Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "18950", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18950" }, { "name": "21011", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21011" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://software.fujitsu.com/jp/security/vulnerabilities/jvn-73368472-76686161.html" }, { "name": "JVN#73368472", "tags": [ "third-party-advisory", "x_refsource_JVN", "x_transferred" ], "url": "http://jvn.jp/jp/JVN%2373368472/index.html" }, { "name": "27105", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/27105" }, { "name": "JVN#76686161", "tags": [ "third-party-advisory", "x_refsource_JVN", "x_transferred" ], "url": "http://jvn.jp/jp/JVN%2376686161/index.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to 4.11L81 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2006-08-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "18950", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18950" }, { "name": "21011", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21011" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://software.fujitsu.com/jp/security/vulnerabilities/jvn-73368472-76686161.html" }, { "name": "JVN#73368472", "tags": [ "third-party-advisory", "x_refsource_JVN" ], "url": "http://jvn.jp/jp/JVN%2373368472/index.html" }, { "name": "27105", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/27105" }, { "name": "JVN#76686161", "tags": [ "third-party-advisory", "x_refsource_JVN" ], "url": "http://jvn.jp/jp/JVN%2376686161/index.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-3579", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to 4.11L81 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "18950", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18950" }, { "name": "21011", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21011" }, { "name": "http://software.fujitsu.com/jp/security/vulnerabilities/jvn-73368472-76686161.html", "refsource": "CONFIRM", "url": "http://software.fujitsu.com/jp/security/vulnerabilities/jvn-73368472-76686161.html" }, { "name": "JVN#73368472", "refsource": "JVN", "url": "http://jvn.jp/jp/JVN%2373368472/index.html" }, { "name": "27105", "refsource": "OSVDB", "url": "http://www.osvdb.org/27105" }, { "name": "JVN#76686161", "refsource": "JVN", "url": "http://jvn.jp/jp/JVN%2376686161/index.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-3579", "datePublished": "2006-07-13T10:00:00", "dateReserved": "2006-07-12T00:00:00", "dateUpdated": "2024-08-07T18:30:34.360Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2007-3011
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/35257 | vdb-entry, x_refsource_XF | |
http://www.securityfocus.com/archive/1/472800/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://www.vupen.com/english/advisories/2007/2441 | vdb-entry, x_refsource_VUPEN | |
http://osvdb.org/37835 | vdb-entry, x_refsource_OSVDB | |
http://www.redteam-pentesting.de/advisories/rt-sa-2007-002.php | x_refsource_MISC | |
http://securityreason.com/securityalert/2858 | third-party-advisory, x_refsource_SREASON | |
http://www.securityfocus.com/bid/24762 | vdb-entry, x_refsource_BID | |
http://secunia.com/advisories/25944 | third-party-advisory, x_refsource_SECUNIA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T13:57:54.941Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "serverview-servername-command-execution(35257)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35257" }, { "name": "20070704 Fujitsu-Siemens ServerView Remote Command Execution", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/472800/100/0/threaded" }, { "name": "ADV-2007-2441", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2441" }, { "name": "37835", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/37835" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2007-002.php" }, { "name": "2858", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/2858" }, { "name": "24762", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/24762" }, { "name": "25944", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25944" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-07-04T00:00:00", "descriptions": [ { "lang": "en", "value": "The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "serverview-servername-command-execution(35257)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35257" }, { "name": "20070704 Fujitsu-Siemens ServerView Remote Command Execution", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/472800/100/0/threaded" }, { "name": "ADV-2007-2441", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2441" }, { "name": "37835", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/37835" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2007-002.php" }, { "name": "2858", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/2858" }, { "name": "24762", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/24762" }, { "name": "25944", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25944" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-3011", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "serverview-servername-command-execution(35257)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35257" }, { "name": "20070704 Fujitsu-Siemens ServerView Remote Command Execution", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/472800/100/0/threaded" }, { "name": "ADV-2007-2441", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2441" }, { "name": "37835", "refsource": "OSVDB", "url": "http://osvdb.org/37835" }, { "name": "http://www.redteam-pentesting.de/advisories/rt-sa-2007-002.php", "refsource": "MISC", "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2007-002.php" }, { "name": "2858", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2858" }, { "name": "24762", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24762" }, { "name": "25944", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25944" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-3011", "datePublished": "2007-07-05T19:00:00", "dateReserved": "2007-06-04T00:00:00", "dateUpdated": "2024-08-07T13:57:54.941Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-3578
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/18950 | vdb-entry, x_refsource_BID | |
http://secunia.com/advisories/21011 | third-party-advisory, x_refsource_SECUNIA | |
http://software.fujitsu.com/jp/security/vulnerabilities/jvn-73368472-76686161.html | x_refsource_CONFIRM | |
http://www.osvdb.org/27106 | vdb-entry, x_refsource_OSVDB | |
http://jvn.jp/jp/JVN%2373368472/index.html | third-party-advisory, x_refsource_JVN | |
http://jvn.jp/jp/JVN%2376686161/index.html | third-party-advisory, x_refsource_JVN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:30:34.452Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "18950", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18950" }, { "name": "21011", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21011" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://software.fujitsu.com/jp/security/vulnerabilities/jvn-73368472-76686161.html" }, { "name": "27106", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/27106" }, { "name": "JVN#73368472", "tags": [ "third-party-advisory", "x_refsource_JVN", "x_transferred" ], "url": "http://jvn.jp/jp/JVN%2373368472/index.html" }, { "name": "JVN#76686161", "tags": [ "third-party-advisory", "x_refsource_JVN", "x_transferred" ], "url": "http://jvn.jp/jp/JVN%2376686161/index.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Directory traversal vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to 4.11L81 allows remote attackers to read arbitrary files via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-01-30T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "18950", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18950" }, { "name": "21011", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21011" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://software.fujitsu.com/jp/security/vulnerabilities/jvn-73368472-76686161.html" }, { "name": "27106", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/27106" }, { "name": "JVN#73368472", "tags": [ "third-party-advisory", "x_refsource_JVN" ], "url": "http://jvn.jp/jp/JVN%2373368472/index.html" }, { "name": "JVN#76686161", "tags": [ "third-party-advisory", "x_refsource_JVN" ], "url": "http://jvn.jp/jp/JVN%2376686161/index.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-3578", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Directory traversal vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to 4.11L81 allows remote attackers to read arbitrary files via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "18950", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18950" }, { "name": "21011", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21011" }, { "name": "http://software.fujitsu.com/jp/security/vulnerabilities/jvn-73368472-76686161.html", "refsource": "CONFIRM", "url": "http://software.fujitsu.com/jp/security/vulnerabilities/jvn-73368472-76686161.html" }, { "name": "27106", "refsource": "OSVDB", "url": "http://www.osvdb.org/27106" }, { "name": "JVN#73368472", "refsource": "JVN", "url": "http://jvn.jp/jp/JVN%2373368472/index.html" }, { "name": "JVN#76686161", "refsource": "JVN", "url": "http://jvn.jp/jp/JVN%2376686161/index.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-3578", "datePublished": "2006-07-13T10:00:00", "dateReserved": "2006-07-12T00:00:00", "dateUpdated": "2024-08-07T18:30:34.452Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2008-3126
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063043.html | mailing-list, x_refsource_FULLDISC | |
http://www.securityfocus.com/bid/30081 | vdb-entry, x_refsource_BID | |
http://secunia.com/advisories/30913 | third-party-advisory, x_refsource_SECUNIA | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/43611 | vdb-entry, x_refsource_XF | |
http://www.vupen.com/english/advisories/2008/2007/references | vdb-entry, x_refsource_VUPEN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T09:28:41.446Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20080703 DDIVRT-2008-12-ServerView SnmpGetMibValues.exe Buffer Overflow", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063043.html" }, { "name": "30081", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/30081" }, { "name": "30913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30913" }, { "name": "serverview-snmpgetmibvalues-bo(43611)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43611" }, { "name": "ADV-2008-2007", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2007/references" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-07-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple stack-based buffer overflows in the ServerView web interface (SnmpGetMibValues.exe) in Fujitsu Siemens Computers ServerView 04.60.07 and earlier allow remote authenticated users to execute arbitrary code via a crafted URL." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20080703 DDIVRT-2008-12-ServerView SnmpGetMibValues.exe Buffer Overflow", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063043.html" }, { "name": "30081", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/30081" }, { "name": "30913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30913" }, { "name": "serverview-snmpgetmibvalues-bo(43611)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43611" }, { "name": "ADV-2008-2007", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2007/references" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-3126", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple stack-based buffer overflows in the ServerView web interface (SnmpGetMibValues.exe) in Fujitsu Siemens Computers ServerView 04.60.07 and earlier allow remote authenticated users to execute arbitrary code via a crafted URL." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20080703 DDIVRT-2008-12-ServerView SnmpGetMibValues.exe Buffer Overflow", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063043.html" }, { "name": "30081", "refsource": "BID", "url": "http://www.securityfocus.com/bid/30081" }, { "name": "30913", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30913" }, { "name": "serverview-snmpgetmibvalues-bo(43611)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43611" }, { "name": "ADV-2008-2007", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2007/references" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-3126", "datePublished": "2008-07-10T18:00:00", "dateReserved": "2008-07-10T00:00:00", "dateUpdated": "2024-08-07T09:28:41.446Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }